exploitDog

GHSA-5f4w-gff5-9w6x

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.

SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.

Ссылки

EPSS

Процентиль: 100%

0.89884

Высокий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-918

Связанные уязвимости

CVE-2022-1713

CVSS3: 7.5

nvd

больше 3 лет назад

SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.

EPSS

Процентиль: 100%

0.89884

Высокий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-918