CVE-2023-28435
Dataease file-upload vulnerability: permissions are not checked and file types are unchecked, enabling non-logged-in users to upload arbitrary files. Affected versions prior to 1.18.5. Remediation: upgrade to 1.18.5 (or apply provided fix).