David Benson

3 exploits Active since Jul 2019
CVE-2019-13127 WRITEUP MEDIUM WRITEUP
Draw.io Diagrams < 8.3.14 - XSS
An issue was discovered in mxGraph through 4.0.0, related to the "draw.io Diagrams" plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field leads to XSS. This is associated with javascript/examples/grapheditor/www/js/Dialogs.js.
CVSS 6.1
CVE-2023-3398 WRITEUP HIGH WRITEUP
jgraph/drawio <18.1.3 - DoS
Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3.
CVSS 7.5
CVE-2023-3973 WRITEUP MEDIUM WRITEUP
Diagrams Drawio < 21.6.3 - XSS
Cross-site Scripting (XSS) - Reflected in GitHub repository jgraph/drawio prior to 21.6.3.
CVSS 6.1