Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Arbitrary Code Execution through Sanitizer Bypass in jgraph/drawio
Vulnerability Description
Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio prior to 18.0.0. - Arbitrary (remote) code execution in the desktop app. - Stored XSS in the web app.
CVSS Information
N/A
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
JGraph draw.io 跨站脚本漏洞
Vulnerability Description
JGraph draw.io是JGraph的一个可配置的图表/白板可视化应用程序。 JGraph draw.io 18.0.0之前版本存在跨站脚本漏洞,该漏洞源于应用缺少对于用户输入的过滤和转义。攻击者利用该漏洞可以实现任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A