XSS in Owncloud Drawio For

CVE-2025-53831

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15…

Vulnerability class: XSS (Cross-Site Scripting)

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-53831?
CVE-2025-53831 is a high-severity vulnerability in Owncloud Drawio For, classified under Cross-site Scripting. CVSS score: 8.2/10. Published 2026-07-06.
How severe is CVE-2025-53831?
High severity. CVSS v3 base score is 8.2 out of 10.