We are reliable, trustworthy, and ready for challenges! Hire Us
Contact our expert
DATE
07.10.2020
Affected Vendor
yworks
Affected Product
yEd Graph Editor – https://www.yworks.com
Vulnerable version
3.20
Fixed version
3.20.1
CVSS
8.3 High CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Recommendations
Update to yworks yEd Graph Editor version 3.20.1
Vulnerability details
It is possible to execute code on the operating system when opening malicious XSL Transformation files in conjunction with a custom stylesheet.
CVE
CVE-2020-25216
Credits
Dawid Czarnecki
References
Do you think the security of your data might be lacking? Let's find the best approach together. Once you contact us, we will ask you about the project you want to secure.
Your email address will not be published. Required fields are marked *
Your data will be processed in accordance with our privacy policy