exploitDog

GHSA-h3vj-c927-89ww

Опубликовано: 06 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.6

Описание

Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio prior to 18.0.0. - Arbitrary (remote) code execution in the desktop app. - Stored XSS in the web app.

Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio prior to 18.0.0. - Arbitrary (remote) code execution in the desktop app. - Stored XSS in the web app.

Ссылки

EPSS

Процентиль: 83%

0.0183

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-1575

CVSS3: 9.6

nvd

почти 4 года назад

Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio prior to 18.0.0. - Arbitrary (remote) code execution in the desktop app. - Stored XSS in the web app.

EPSS

Процентиль: 83%

0.0183

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79