Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-0715

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01388EPSS
Exploits0References8
OSV
OSV
added 2024/02/23 6:30 p.m.24 views

GHSA-RC6H-QWJ9-2C53 Apache DolphinScheduler vulnerable to arbitrary JavaScript execution as root for authenticated users

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed JavaScript to be executed on the server. This issue is a legacy of CVE-2023-49299. We didn't fix it completely in CVE-2023-49299, and we added one more patch to fix it. This...

8.8CVSS8.3AI score0.01388EPSS
Exploits0References8
NVD
NVD
added 2024/02/23 5:15 p.m.31 views

CVE-2024-23320

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. This issue is a legacy of CVE-2023-49299. We didn't fix it completely in CVE-2023-49299, and we added one more patch to fix it. This...

8.8CVSS8.5AI score0.01388EPSS
Exploits0References5
Prion
Prion
added 2024/02/23 5:15 p.m.28 views

Input validation

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. This issue is a legacy of CVE-2023-49299. We didn't fix it completely in CVE-2023-49299, and we added one more patch to fix it. This...

6.7AI score0.01418EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2023/12/30 6:30 p.m.4 views

org.apache.dolphinscheduler:dolphinscheduler-standalone-server (>=3.0.0 <=3.0.6) potentially affected by CVE-2023-49299 via org.apache.dolphinscheduler:dolphinscheduler-master (>=3.0.0-alpha <=3.0.6)

org.apache.dolphinscheduler:dolphinscheduler-master MAVEN version =3.0.0-alpha, =3.0.0, =3.0.6 Source cves: CVE-2023-49299 Source advisory: OSV:GHSA-V7HG-77V9-2445...

8.8CVSS7.2AI score0.01418EPSS
Exploits0
NVD
NVD
added 2023/12/30 5:15 p.m.38 views

CVE-2023-49299

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.This issue affects Apache DolphinScheduler: until 3.1.9. Users are recommended to upgrade to version 3.1.9, which fixes the issue...

8.8CVSS0.01418EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/12/30 4:27 p.m.36 views

CVE-2023-49299 Apache DolphinScheduler: Arbitrary js execute as root for authenticated users

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.This issue affects Apache DolphinScheduler: until 3.1.9. Users are recommended to upgrade to version 3.1.9, which fixes the issue...

8.8AI score0.01418EPSS
Exploits0References3
CVE
CVE
added 2023/12/30 4:27 p.m.91 views

CVE-2023-49299

CVE-2023-49299 (Apache DolphinScheduler) : An authenticated user can trigger server-side, unsandboxed JavaScript execution due to improper input validation. The issue affects DolphinScheduler prior to fixed versions and is treated as a legacy/continued vulnerability in later advisories. A fix is ...

8.8CVSS8.6AI score0.01418EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/30 4:27 p.m.18 views

CVE-2023-49299 Apache DolphinScheduler: Arbitrary js execute as root for authenticated users

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.This issue affects Apache DolphinScheduler: until 3.1.9. Users are recommended to upgrade to version 3.1.9, which fixes the issue...

8.6AI score0.01418EPSS
Exploits0References3
Rows per page
Query Builder