CVE-2022-22121
CVE-2022-22121 (NocoDB) affects versions 0.81.0–0.83.8. A low-privileged attacker can create a table and inject payloads into table rows; when an administrator exports data to CSV via the User Management endpoint and opens the file, the payload may execute. Root cause stated as lack of sanitizati...