3 matches found
CVE-2023-24045
In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request...
CVE-2023-24045
In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request...
CVE-2023-24045
In Dataiku DSS 11.2.1, an attacker can download other users’ files uploaded to the myfiles area by specifying the target username in a download request. This originates from a path/input validation flaw that allows unauthorized access to files. Exploitation details are not provided beyond the des...