๐Ÿ” CVE Alert

CVE-2022-3223

MEDIUM 4.3

Cross-site Scripting (XSS) - Stored in jgraph/drawio

CVSS Score
4.3
EPSS Score
0.0%
EPSS Percentile
0th

Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.3.1.

CWE CWE-79
Vendor jgraph
Product jgraph/drawio
Published Sep 16, 2022
Last Updated Aug 3, 2024
Stay Ahead of the Next One

Get instant alerts for jgraph jgraph/drawio

Be the first to know when new medium vulnerabilities affecting jgraph jgraph/drawio are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected Versions

jgraph / jgraph/drawio
unspecified < 20.3.1

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
huntr.dev: https://huntr.dev/bounties/125791b6-3a68-4235-8866-6bc3a52332ba github.com: https://github.com/jgraph/drawio/commit/ea012baba6fb2e903797fa6306833ca4f31ab361