Mend Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Good to know:
Date: July 22, 2019
In mermaid, versions prior to 8.2.3 are vulnerable to Cross-Site Scripting if malicious input is provided to the application, it will execute the code instead of rendering it as text due to improper output encoding.
Weakness Type (CWE)
Upgrade to version 8.2.3
|Attack Vector (AV):||NETWORK|
|Attack Complexity (AC):||LOW|
|Privileges Required (PR):||NONE|
|User Interaction (UI):||REQUIRED|