Vulnerabilities for Drawio (...) - CXSECURITY.COM

Vulnerabilities for 'Drawio'

2022-06-09

CVE-2022-2014

CWE-94

Code Injection in GitHub repository jgraph/drawio prior to 19.0.2.

CVE-2022-2015

CWE-79

Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 19.0.2.

2022-05-05

CVE-2022-1575

CWE-79

Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio prior to 18.0.0. - Arbitrary (remote) code execution in the desktop app. - Stored XSS in the web app.

>>> Vendor: Diagrams 2 Products

Copyright 2024, cxsecurity.com