Unrated severityNVD Advisory· Published Jun 26, 2023· Updated Nov 6, 2024
Unauthorized users can manipulate a dashboard created by an administrator in DataEase
CVE-2023-35164
Description
DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions a missing authorization check allows unauthorized users to manipulate a dashboard created by the administrator. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- github.com/dataease/dataease/security/advisories/GHSA-grxm-fc3h-3qgjmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.