Search Results

Results
CVE-2023-28637	DataEase is an open source data visualization analysis tool. In Dataease users are normally allowed to modify data and the data sources are expected to properly sanitize data. The AWS redshift data source does not provid...	None	8.8
CVE-2023-28437	Dataease is an open source data visualization and analysis tool. The blacklist for SQL injection protection is missing entries. This vulnerability has been fixed in version 1.18.5. There are no known workarounds.	None	9.8
CVE-2023-28435	Dataease is an open source data visualization and analysis tool. The permissions for the file upload interface is not checked so users who are not logged in can upload directly to the background. The file type also goes ...	None	6.1

HPI-VDB — Database for IT-Attack Analysis