Vulnerability CVE-2022-3223


Published: 2022-09-16

Description:
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.3.1.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://github.com/jgraph/drawio/commit/ea012baba6fb2e903797fa6306833ca4f31ab361
https://huntr.dev/bounties/125791b6-3a68-4235-8866-6bc3a52332ba

Copyright 2026, cxsecurity.com

 

Back to Top