From 4a4e7734b34491febc1dc36763458bfb6fc0a33e Mon Sep 17 00:00:00 2001
From: Vendeta
Date: Fri, 15 May 2026 19:15:07 +0300
Subject: [PATCH] Improve GHSA-hr7c-pw36-w99g

---
 .../GHSA-hr7c-pw36-w99g.json | 32 ++++++++++++++++---
 1 file changed, 28 insertions(+), 4 deletions(-)

diff --git a/advisories/unreviewed/2026/05/GHSA-hr7c-pw36-w99g/GHSA-hr7c-pw36-w99g.json b/advisories/unreviewed/2026/05/GHSA-hr7c-pw36-w99g/GHSA-hr7c-pw36-w99g.json
index fd755cca05606..a19907cfd5e58 100644
--- a/advisories/unreviewed/2026/05/GHSA-hr7c-pw36-w99g/GHSA-hr7c-pw36-w99g.json
+++ b/advisories/unreviewed/2026/05/GHSA-hr7c-pw36-w99g/GHSA-hr7c-pw36-w99g.json
@@ -6,14 +6,38 @@
 "aliases": [
 "CVE-2026-7182"
 ],
- "details": "Diagram's export module is vulnerable to Path Traversal in src attribute due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include\n local files from the server and display them in the generated pdf. \n\nThis issue was fixed in version 1.1.1.",
+ "summary": "Path Traversal in DHTMLX Diagram Export Module via Unsanitized src Attribute",
+ "details": "### Summary\nThe DHTMLX Diagram export module is vulnerable to Path Traversal via the `src` attribute during HTML processing. Due to a lack of proper HTML sanitization before generating document exports, an unauthenticated remote attacker can inject a crafted HTML payload containing arbitrary file paths. When the server processes the export request to generate a PDF or image file, the underlying rendering engine resolves the path traversal sequences and embeds the contents of local system files directly into the generated output document.\n\nThis vulnerability affects self-hosted or local deployments using the standalone DHTMLX Diagram export server module.\n\n### Remediation\nUpgrade the standalone DHTMLX Diagram export service backend to version **1.1.1** or later. 
If you are utilizing the official Docker distribution, pull the latest image and restart your container instance:\n\n```bash\ndocker pull dhtmlx/diagram-export:latest",
 "severity": [
 {
- "type": "CVSS_V4",
- "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "@dhtmlx/diagram-export"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "= 1.1.1"
+ }
+ ]
+ }
+ ],
+ "database_specific": {
+ "last_known_affected_version_range": "< 1.1.1"
+ }
 }
 ],
- "affected": [],
 "references": [
 {
 "type": "ADVISORY",
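Review bot: The `fixed` event in the new `ranges` block carries a comparison operator, `"fixed": "= 1.1.1"`, but OSV range events take a bare version string, so tooling will either reject the event or treat `= 1.1.1` as a literal that never matches and report every version as affected; it should read `"fixed": "1.1.1"`, consistent with the `"< 1.1.1"` already given in `database_specific`. The replacement severity entry scores the issue `C:H/I:H/A:H`, yet both the removed and the new `details` text describe only disclosure of local server files (the removed CVSS v4 vector likewise had `VI:N/VA:N`), so unless there is a source for integrity and availability impact the vector should drop to `C:H/I:N/A:N` — a correction constructed from the page's own description, to be confirmed against the upstream scoring — and the v4 entry could be kept alongside the v3.1 one rather than deleted. Two smaller points in the new `details` text: the remediation opens a bash code fence that is never closed, and it advises pulling `:latest`, which does not guarantee the fixed release; pinning the fixed image tag (`<FIXED_TAG>`, placeholder) is the verifiable instruction. Whether `@dhtmlx/diagram-export` is a published npm package cannot be confirmed from this page, and an `ECOSYSTEM` range for a name absent from the ecosystem matches nothing, so the package name should be verified before relying on it.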