CVE-2022-1767

Name of the Vulnerable Software and Affected Versions jgraph/drawio versions prior to 18.0.7

Description The issue is related to Server-Side Request Forgery (SSRF) in the GitHub repository jgraph/drawio. SSRF is a type of attack where an attacker can trick a server into making requests to internal or external resources, potentially leading to unauthorized access or data leakage. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For versions prior to 18.0.7, update to version 18.0.7 or later to resolve the issue.