CVE-2023-3398

Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3.

CVE-2023-3026

Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 21.2.8.

CVE-2023-3973

Cross-site Scripting (XSS) - Reflected in GitHub repository jgraph/drawio prior to 21.6.3.

CVE-2023-3974

OS Command Injection in GitHub repository jgraph/drawio prior to 21.4.0.

CVE-2023-3975

OS Command Injection in GitHub repository jgraph/drawio prior to 21.5.0.