Critical severity9.8NVD Advisory· Published Sep 17, 2020· Updated Jun 17, 2026
CVE-2020-25216
CVE-2020-25216
Description
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- yWorks/yEd Desktopdescription
- Range: <3.20.1
Patches
Vulnerability mechanics
References
2- www.yworks.com/products/yed/downloadnvdRelease NotesVendor Advisory
- zigrin.com/advisories/yworks-yed-graph-editor-xslt-remote-code-execution-in-xml/nvd
News mentions
0No linked articles in our index yet.