RSS   Vulnerabilities for 'YED'   RSS

2020-09-17
 
CVE-2020-25216

CWE-91
 

 
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet.

 
 
CVE-2020-25215

CWE-611
 

 
yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document.

 


Copyright 2024, cxsecurity.com

 

Back to Top