CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3127 – Cross-site Scripting (XSS) - Stored in jgraph/drawio
https://notcve.org/view.php?id=CVE-2022-3127
05 Sep 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.2.8. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub jgraph/drawio versiones anteriores a 20.2.8 • https://github.com/jgraph/drawio/commit/59887e45b36f06c8dd4919a32bacd994d9f084da • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3065 – Improper Access Control in jgraph/drawio
https://notcve.org/view.php?id=CVE-2022-3065
02 Sep 2022 — Improper Access Control in GitHub repository jgraph/drawio prior to 20.2.8. Un Control de Acceso Inapropiado en el repositorio de GitHub jgraph/drawio versiones anteriores a 20.2.8 • https://github.com/jgraph/drawio/commit/59887e45b36f06c8dd4919a32bacd994d9f084da • CWE-284: Improper Access Control •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2015 – Cross-site Scripting (XSS) - Stored in jgraph/drawio
https://notcve.org/view.php?id=CVE-2022-2015
08 Jun 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 19.0.2. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub jgraph/drawio versiones anteriores a 19.0.2 • https://github.com/jgraph/drawio/commit/3d3f819d7a04da7d53b37cc0ca4269c157ba2825 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2014 – Code Injection in jgraph/drawio
https://notcve.org/view.php?id=CVE-2022-2014
08 Jun 2022 — Code Injection in GitHub repository jgraph/drawio prior to 19.0.2. Una Inyección de código en el repositorio de GitHub jgraph/drawio versiones anteriores a 19.0.2 • https://github.com/jgraph/drawio/commit/3d3f819d7a04da7d53b37cc0ca4269c157ba2825 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 1CVE-2022-1815 – Exposure of Sensitive Information to an Unauthorized Actor in jgraph/drawio
https://notcve.org/view.php?id=CVE-2022-1815
25 May 2022 — Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2. Una Exposición de Información Confidencial a un Actor no Autorizado en el repositorio de GitHub jgraph/drawio versiones anteriores a 18.1.2 • https://github.com/jgraph/drawio/commit/c287bef9101d024b1fd59d55ecd530f25000f9d8 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1784 – Server-Side Request Forgery (SSRF) in jgraph/drawio
https://notcve.org/view.php?id=CVE-2022-1784
20 May 2022 — Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8. Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en el repositorio de GitHub jgraph/drawio versiones anteriores a 18.0.8 • https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1730 – Cross-site Scripting (XSS) - Stored in jgraph/drawio
https://notcve.org/view.php?id=CVE-2022-1730
19 May 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 18.0.4. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio GitHub jgraph/drawio versiones anteriores a 18.0.4 • https://github.com/jgraph/drawio/commit/4deecee18191f67e242422abf3ca304e19e49687 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1774 – Exposure of Sensitive Information to an Unauthorized Actor in jgraph/drawio
https://notcve.org/view.php?id=CVE-2022-1774
18 May 2022 — Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7. Una Exposición de Información Confidencial a un Actor no Autorizado en el repositorio de GitHub jgraph/drawio versiones anteriores a 18.0.7 • https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1767 – Server-Side Request Forgery (SSRF) in jgraph/drawio
https://notcve.org/view.php?id=CVE-2022-1767
18 May 2022 — Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7. Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en el repositorio de GitHub jgraph/drawio versiones anteriores a 18.0.7 • https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1727 – Improper Input Validation in jgraph/drawio
https://notcve.org/view.php?id=CVE-2022-1727
18 May 2022 — Improper Input Validation in GitHub repository jgraph/drawio prior to 18.0.6. Una Comprobación de Entrada inapropiada en el repositorio de GitHub jgraph/drawio versiones anteriores a 18.0.6 • https://github.com/jgraph/drawio/commit/4deecee18191f67e242422abf3ca304e19e49687 • CWE-20: Improper Input Validation •