draw.io code execution | CVE-2022-2014
NAME
draw.io code execution
- Platforms Affected:
JGraph draw.io 17.5.1
JGraph draw.io 18.0.2
JGraph draw.io 18.0.3
JGraph draw.io 18.0.4
JGraph draw.io 18.0.5
JGraph draw.io 18.0.6
JGraph draw.io 18.0.7
JGraph draw.io 18.0.8
JGraph draw.io 18.1.1
JGraph draw.io 19.0.1
- Risk Level:
9.8
- Exploitability:
Proof of Concept
- Consequences:
Gain Access
DESCRIPTION
draw.io could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the tooltip function, which builds the tooltip from the nodeName and nodeValue of a cell's properties. By supplying specially crafted nodeName and nodeValue values, an attacker could exploit this vulnerability to execute arbitrary code on the system. The listed versions up to and including 19.0.1 are affected; the fix is the referenced commit in the draw.io repository.
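The following is an added example, not code from draw.io, the advisory or the huntr report. It assumes the tooltip is assembled as an HTML string from a cell's custom properties (name/value pairs); the function names, the sample properties and the payload are this example's own. It shows the weak pattern (concatenating name and value into markup) beside the hardened one (escaping both), plus a triage helper that flags properties in a diagram that would become live markup if rendered unescaped.

```javascript
// Added example, not draw.io's own code. Assumption: the tooltip is built as an
// HTML string from a cell's custom properties, each a {nodeName, nodeValue} pair.

// Escape the five HTML metacharacters so a string renders as text, never as markup.
function htmlEntities(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Weak pattern: property name and value are concatenated into markup unescaped,
// so attacker-controlled text in either position becomes live HTML in the tooltip.
function buildTooltipUnsafe(props) {
  return props
    .map(({ nodeName, nodeValue }) => '<b>' + nodeName + ':</b> ' + nodeValue + '<br>')
    .join('');
}

// Hardened pattern: every untrusted string is escaped, name and value alike.
function buildTooltipSafe(props) {
  return props
    .map(({ nodeName, nodeValue }) =>
      '<b>' + htmlEntities(nodeName) + ':</b> ' + htmlEntities(nodeValue) + '<br>')
    .join('');
}

// Triage helper: list properties whose name or value contains characters that
// would become markup if rendered unescaped. Also flags javascript: URLs, which
// matter if a value is ever placed in an href.
function findSuspiciousProperties(props) {
  const markup = /[<>"']/;
  const scriptUrl = /^\s*javascript:/i;
  return props.filter(({ nodeName, nodeValue }) =>
    markup.test(nodeName) || markup.test(nodeValue) || scriptUrl.test(nodeValue));
}

// Constructed sample: two benign properties and one whose value carries an HTML
// payload, as a diagram author could store it (an XML attribute value can hold
// '<' when it is entity-encoded in the file and decoded on parse).
const SAMPLE_PROPS = [
  { nodeName: 'owner', nodeValue: 'alice' },
  { nodeName: 'cost', nodeValue: '42' },
  { nodeName: 'note', nodeValue: '<img src=x onerror="alert(document.domain)">' },
];

// Render the sample both ways and report whether a live <img> tag survived.
function demo() {
  const unsafe = buildTooltipUnsafe(SAMPLE_PROPS);
  const safe = buildTooltipSafe(SAMPLE_PROPS);
  return {
    unsafeHasLiveTag: /<img\b/i.test(unsafe),
    safeHasLiveTag: /<img\b/i.test(safe),
    flagged: findSuspiciousProperties(SAMPLE_PROPS).map((p) => p.nodeName),
  };
}

console.log(demo());
```

Run with `node` to see the unsafe render keep the `<img>` tag while the hardened one does not; `findSuspiciousProperties` can be pointed at the property list of any cell in a diagram you are triaging.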
CVSS 3.0 Information
- Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8)
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Attack Vector: Network
- Attack Complexity: Low
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
- Remediation Level: Official Fix
MITIGATION
Upgrade to a draw.io release that includes the referenced fix commit. Refer to the draw.io GitHub repository for patch, upgrade or suggested workaround information. See References.
- Reference Link:
https://huntr.dev/bounties/911a4ada-7fd6-467a-a464-b88604b16ffc/
- Reference Link:
https://github.com/jgraph/drawio/commit/3d3f819d7a04da7d53b37cc0ca4269c157ba2825