Critical severity9.8NVD Advisory· Published Sep 17, 2020· Updated Jun 17, 2026
CVE-2020-25215
CVE-2020-25215
Description
yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- yWorks/yEd Desktopdescription
- Range: <3.20.1
Patches
Vulnerability mechanics
References
2- www.yworks.com/products/yed/downloadnvdRelease NotesVendor Advisory
- zigrin.com/advisories/yworks-yed-graph-editor-xml-external-entity-injection/nvd
News mentions
0No linked articles in our index yet.