Every CVE whose affected-product data names Jgraph Mxgraph, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2017-18197 — CVSS 9.8 (critical): In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External…
CVE-2019-13127 — CVSS 6.1 (medium): An issue was discovered in mxGraph through 4.0.0, related to the "draw.io Diagrams" plugin before 8.3.14 for Confluence and other products…
CVE-2022-40440 — CVSS 6.1 (medium): mxGraph v4.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the setTooltips() function.