3 matches found
CVE-2022-24855
Metabase is an open source business intelligence and analytics application. In affected versions Metabase ships with an internal development endpoint /internal that can allow for cross site scripting XSS attacks, potentially leading to phishing attempts with malicious links that could lead to...
CVE-2022-24855 XSS vulnerability in Metabase
Metabase is an open source business intelligence and analytics application. In affected versions Metabase ships with an internal development endpoint /internal that can allow for cross site scripting XSS attacks, potentially leading to phishing attempts with malicious links that could lead to...
CVE-2022-24855
CVE-2022-24855 (Metabase) affects Metabase versions prior to the patched releases. The vulnerability arises from an internal development endpoint “/_internal” that can be exploited to perform cross-site scripting (XSS), potentially enabling phishing with malicious links and account takeover. Affe...