logo
DATABASE RESOURCES PRICING ABOUT US

JVN#14323043: Metabase vulnerable to cross-site scripting

Description

Metabase provided by Metabase, Inc. contains a reflected cross-site scripting vulnerability ([CWE-79](<https://cwe.mitre.org/data/definitions/79.html>)). ## Impact An arbitrary script may be executed on a logged-in user's web browser. ## Solution **Update the Software** Update to the latest version according to the information provided by the developer. ## Products Affected * Metabase version 0.29.3 and earlier


Related