Vulnerabilities > CVE-2023-3026 - Unspecified vulnerability in Diagrams Drawio
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 21.2.8.
Vulnerable Configurations
References
- https://github.com/jgraph/drawio/commit/c7ac634055c3edfabc7729fc4298a5ab7bfbf384
- https://github.com/jgraph/drawio/commit/c7ac634055c3edfabc7729fc4298a5ab7bfbf384
- https://huntr.com/bounties/9bbcc127-1e69-4c88-b318-d2afef48eff0
- https://huntr.dev/bounties/9bbcc127-1e69-4c88-b318-d2afef48eff0
- https://huntr.dev/bounties/9bbcc127-1e69-4c88-b318-d2afef48eff0