DataEase is an open source data visualization analysis tool. Prior to version 1.18.9, DataEase has a SQL injection vulnerability that can bypass blacklists. The vulnerability has been fixed in v1.18.9. There are no known workarounds.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-07-25T19:36:14.962Z
Updated: 2024-08-02T17:09:33.656Z
Reserved: 2023-06-29T19:35:26.436Z
Link: CVE-2023-37258
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-25T20:15:13.560
Modified: 2023-08-01T20:20:01.997
Link: CVE-2023-37258
Redhat
No data.