CVE Vulnerability
CVE-2022-1722
SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses
References
| Link | Resource |
|---|---|
| https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae | Patch Third Party Advisory |
| https://huntr.dev/bounties/c903d563-ba97-44e9-b421-22bfab1e0cbd | Exploit Patch |
Configurations
Configuration 1
|
Information
Published : 2022-05-16 03:15
Updated : 2023-02-16 06:11
NVD link : CVE-2022-1722
Mitre link : CVE-2022-1722
Products Affected
No products.
CWE
CWE-918
Server-Side Request Forgery (SSRF)