Description
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.3.1.
References
https://github.com/jgraph/drawio/commit/ea012baba6fb2e903797fa6306833ca4f31ab361
PatchThird Party Advisory
https://huntr.dev/bounties/125791b6-3a68-4235-8866-6bc3a52332ba
ExploitPatchThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2022-09-16T11:15:12.107
2 years agoLast modified
2022-09-20T18:18:07.533
2 years ago