An issue was discovered in mxGraph through 4.0.0, related to the “draw.io Diagrams” plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field leads to XSS. This is associated with javascript/examples/grapheditor/www/js/Dialogs.js.
Source link
[Bug 1850863] CVE-2019-13127 mxgraph: improper input validation leads to XSS
RELATED STORIES
Project Zero, Google’s 0day bug-hunting team, shared technical details and proof-of-concept (PoC) exploit code for...
Description: IBM Planning Analytics 2.0 could allow a remote authenticated attacker to obtain information about...
Los investigadores de Google Project Zero revelaron el hallazgo de una vulnerabilidad presente en los...
CVE ID Not Found. A vulnerability has been identified, and possibly a CVE has been...
Experts Discuss How #COVID19 Impacted the Cyber-Threat LandscapeThe impact of COVID-19 on the cyber-threat landscape...
Canadian privacy experts are concerned the federal government’s plan to develop an online passport application...
The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a...
‘Tis the season of giving! How have you given back to the open-source community? No...
An update that fixes two vulnerabilities is now available. openSUSE Security Update: Security update for...
Details A large number of security issues were discovered in the WebKitGTK Web andJavaScript engines....
You must be logged in to post a comment.