CVE-2023-3398: Denial of Service in jgraph/drawio

5.3 CVSS

Description

Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3.

Classification

CVE ID: CVE-2023-3398

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.3

Affected Products

Vendor: jgraph

Product: jgraph/drawio

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.07% (probability of being exploited)

EPSS Percentile: 34.19% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-02-03 (date this score was calculated)

References

https://huntr.dev/bounties/aa087215-80e1-433d-b870-650705630e69
https://github.com/jgraph/drawio/commit/064729fec4262f9373d9fdcafda0be47cd18dd50

Timeline