Vulnerability CVE-2022-1722


Published: 2022-05-16

Description:
SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses

 References:
https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae
https://huntr.dev/bounties/c903d563-ba97-44e9-b421-22bfab1e0cbd

Copyright 2026, cxsecurity.com

 

Back to Top