4 matches found
CVE-2022-34114
creationtimestamp| type| source ---|---|--- 2022-07-23 02:24:45+00:00| seen| https://t.me/cibsecurity/46843...
io.dataease:dataease-plugin-datasource (>=1.10.0 <=1.11.1), io.dataease:dataease-plugin-interface (>=1.0 <=1.11.1) +1 more potentially affected by CVE-2022-34114 via io.dataease:dataease-plugin-common (>=1.0 <=1.11.1)
io.dataease:dataease-plugin-common MAVEN version =1.0, =1.10.0, =1.0, =1.10.0, =1.11.1 Source cves: CVE-2022-34114 Source advisory: OSV:GHSA-HMVW-66JM-H9FH...
CVE-2022-34114
Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId...
CVE-2022-34114
Dataease v1.11.1 contains a SQL injection vulnerability in the dataSourceId parameter (SQL injection via /dataset/table/sqlPreview). CVSSv3.1 base score 8.8 (HIGH) with NETWORK attack vector, low complexity, privileges required LOW, no user interaction. Public references (NVD entry, Red Hat advis...