Vulnerabilities > Yworks

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-17	CVE-2020-25216	XML Injection (aka Blind XPath Injection) vulnerability in Yworks YED yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet. network low complexity yworks CWE-91 critical	9.8
2020-09-17	CVE-2020-25215	XXE vulnerability in Yworks YED yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document. network low complexity yworks CWE-611 critical	9.8

Vulnerabilities > Yworks {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Yworks"}]}