Maven package
net.sourceforge.plantuml/plantuml
pkg:maven/net.sourceforge.plantuml/plantuml
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-0858 | Med | 6.1 | | < 1.2026.0 | 1.2026.0 | Jan 16, 2026 | Versions of the package net.sourceforge.plantuml:plantuml before 1.2026.0 are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams. As a result, a crafted PlantUML diagram can inject malicious JavaScript into generated SVG outpu |
| CVE-2023-3432 | — | | | < 1.2023.9 | 1.2023.9 | Jun 27, 2023 | Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9. |