2 matches found
CVE-2018-10732
The REST API in Dataiku DSS before 4.2.3 allows remote attackers to obtain sensitive information i.e., determine if a username is valid because of profile pictures visibility...
CVE-2018-10732
Dataiku DSS REST API (affected product: Dataiku DSS) prior to version 4.2.3 is affected. The vulnerability arises from profile pictures visibility in the REST API, enabling remote attackers to determine whether a username is valid (information disclosure). The root cause is insufficient access co...