writeups.xyz / draw.io CVEs

Submitter : c2a

Date: 24 February 2023

Bounty : undisclosed

Vulnerabilities :

• SSRF
• OAuth
• Open Redirect
• Token Leak
• Security Code Review

Programs :

• Draw.io

Authors :

• @Caioluders

Link :
https://lude.rs/h4ck1ng/draw.io_cves.html