Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
9.8
CVSSv3
CVE-2023-3974
Published: 27/07/2023 Updated: 03/08/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Vulnerability Summary
OS Command Injection in GitHub repository jgraph/drawio before 21.4.0.
Subscribe to Diagrams
Vulnerable Product
Search on Vulmon
Subscribe to Product
diagrams drawio
References
CWE-78
https://github.com/jgraph/drawio/commit/9d6532de36496e77d872d91b1947bb696607d623
https://huntr.dev/bounties/ce75aa04-e4d6-4e0a-9db0-ae84c46ae9e2
https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started