An issue was discovered in mxGraph through 4.0.0, related to the “draw.io Diagrams” plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field leads to XSS. This is associated with javascript/examples/grapheditor/www/js/Dialogs.js.
Source link
[Bug 1850863] CVE-2019-13127 mxgraph: improper input validation leads to XSS
RELATED STORIES
# Exploit Title: ElkarBackup 1.3.3 - 'Policy[name]' and 'Policy[Description]' Stored Cross-site Scripting
# Date: 2020-08-22
...
Exploit Title: Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution
Date: 2020-08-13
...
This security advisory describes one high risk vulnerability. 1) Out-of-bounds write Risk: High CVSSv3: 7.7...
SOUTH SAN FRANCISCO, Calif., Nov. 24, 2020 /PRNewswire/ — Sutro Biopharma, Inc. (NASDAQ: STRO), a clinical-stage...
This security advisory describes one medium risk vulnerability. 1) Path traversal Risk: Medium CVSSv3: 5.7...
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule...
KL-001-2020-006 : Barco wePresent Authentication Bypass Title: Barco wePresent Authentication Bypass Advisory ID: KL-001-2020-006 Publication...
The Apple HomePod has finally been jailbroken with checkra1n jailbreak. Here’s all you need to...
This security advisory describes one low risk vulnerability. 1) OS Command Injection Risk: Low CVSSv3:...
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
You must be logged in to post a comment.