Vulnerabilities > Diagrams

DATE CVE VULNERABILITY TITLE RISK
2023-07-27 CVE-2023-3973 Unspecified vulnerability in Diagrams Drawio
Cross-site Scripting (XSS) - Reflected in GitHub repository jgraph/drawio prior to 21.6.3.
network
low complexity
diagrams
6.1
2023-07-27 CVE-2023-3974 Unspecified vulnerability in Diagrams Drawio
OS Command Injection in GitHub repository jgraph/drawio prior to 21.4.0.
network
low complexity
diagrams
critical
9.8
2023-07-27 CVE-2023-3975 Unspecified vulnerability in Diagrams Drawio
OS Command Injection in GitHub repository jgraph/drawio prior to 21.5.0.
network
low complexity
diagrams
critical
9.8
2023-06-26 CVE-2023-3398 Unspecified vulnerability in Diagrams Drawio
Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3.
network
low complexity
diagrams
7.5
2023-06-01 CVE-2023-3026 Unspecified vulnerability in Diagrams Drawio
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 21.2.8.
network
low complexity
diagrams
6.1
2022-11-07 CVE-2022-3873 Cross-site Scripting vulnerability in Diagrams Drawio
Cross-site Scripting (XSS) - DOM in GitHub repository jgraph/drawio prior to 20.5.2.
network
low complexity
diagrams CWE-79
6.1
2022-09-16 CVE-2022-3223 Unspecified vulnerability in Diagrams Drawio
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.3.1.
network
low complexity
diagrams
6.1
2022-09-09 CVE-2022-3133 Unspecified vulnerability in Diagrams Drawio
OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0.
local
low complexity
diagrams
7.8
2022-09-08 CVE-2022-3138 Unspecified vulnerability in Diagrams Drawio
Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0.
network
low complexity
diagrams
6.1
2022-09-08 CVE-2022-3148 Unspecified vulnerability in Diagrams Drawio
Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0.
network
low complexity
diagrams
6.1