Vulnerabilities > Diagrams

DATE CVE VULNERABILITY TITLE RISK
2022-09-05 CVE-2022-3127 Unspecified vulnerability in Diagrams Drawio
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.2.8.
network
low complexity
diagrams
5.4
2022-09-02 CVE-2022-3065 Unspecified vulnerability in Diagrams Drawio
Improper Access Control in GitHub repository jgraph/drawio prior to 20.2.8.
network
low complexity
diagrams
7.5
2022-06-09 CVE-2022-2014 Code Injection vulnerability in Diagrams Drawio
Code Injection in GitHub repository jgraph/drawio prior to 19.0.2.
network
low complexity
diagrams CWE-94
5.4
2022-06-09 CVE-2022-2015 Cross-site Scripting vulnerability in Diagrams Drawio
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 19.0.2.
network
low complexity
diagrams CWE-79
5.4
2022-05-25 CVE-2022-1815 Server-Side Request Forgery (SSRF) vulnerability in Diagrams Drawio
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2.
network
low complexity
diagrams CWE-918
7.5
2022-05-20 CVE-2022-1784 Server-Side Request Forgery (SSRF) vulnerability in Diagrams Drawio
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8.
network
low complexity
diagrams CWE-918
7.5
2022-05-19 CVE-2022-1730 Cross-site Scripting vulnerability in Diagrams Drawio
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 18.0.4.
network
low complexity
diagrams CWE-79
4.6
2022-05-18 CVE-2022-1774 Open Redirect vulnerability in Diagrams Drawio
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7.
network
low complexity
diagrams CWE-601
6.1
2022-05-18 CVE-2022-1767 Server-Side Request Forgery (SSRF) vulnerability in Diagrams Drawio
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7.
network
low complexity
diagrams CWE-918
7.5
2022-05-18 CVE-2022-1727 Improper Input Validation vulnerability in Diagrams Drawio
Improper Input Validation in GitHub repository jgraph/drawio prior to 18.0.6.
network
low complexity
diagrams CWE-20
8.8