CVE-2025-70830

A Server-Side Template Injection SSTI vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker template syntax into the SQL script field...

Datart 安全漏洞

Datart is running-elephant's open source generation open platform for data visualization. A security vulnerability exists in Datart 1.0.0-rc3 and earlier versions, which stems from the use of hard-coded keys in the datart/security/src/main/java/datart/security/util/AESUtil.java file...