Drawio · Drawio · CVE-2026-42195
**Name of the Vulnerable Software and Affected Versions**
draw.io versions prior to 29.7.9
**Description**
The application accepts a `gitlab` URL parameter that overrides the GitLab server URL used during OAuth sign-in. An attacker can use a crafted link to make the "Authorize in GitLab" dialog open a popup on a host under their control instead of the legitimate gitlab.com. This behavior can lead to credential phishing and the exfiltration of OAuth session state tokens.
**Recommendations**
Update to version 29.7.9.