VYPR
Unrated severityNVD Advisory· Published May 5, 2022· Updated Aug 3, 2024

Arbitrary Code Execution through Sanitizer Bypass in jgraph/drawio

CVE-2022-1575

Description

Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio prior to 18.0.0. - Arbitrary (remote) code execution in the desktop app. - Stored XSS in the web app.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Jgraph/Drawiollm-fuzzy
    Range: <18.0.0
  • jgraph/jgraph/drawiov5
    Range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.