VYPR
Unrated severityNVD Advisory· Published Jul 25, 2023· Updated Oct 3, 2024

DataEase has a SQL injection vulnerability that can bypass blacklists

CVE-2023-37258

Description

DataEase is an open source data visualization analysis tool. Prior to version 1.18.9, DataEase has a SQL injection vulnerability that can bypass blacklists. The vulnerability has been fixed in v1.18.9. There are no known workarounds.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Dataease/Dataeasellm-fuzzy2 versions
    <1.18.9+ 1 more
    • (no CPE)range: <1.18.9
    • (no CPE)range: < 1.18.9

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.