VYPR
Unrated severityNVD Advisory· Published May 16, 2022· Updated Aug 3, 2024

SSRF on /proxy in jgraph/drawio

CVE-2022-1713

Description

SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Jgraph/Drawiollm-fuzzy
    Range: <18.0.4
  • jgraph/jgraph/drawiov5
    Range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.