4 matches found
CVE-2024-56511
DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause the risk of unauthorized access. In the io.dataease.auth.filter.TokenFilter class,...
CVE-2024-56511
DataEase CVE-2024-56511 affects DataEase prior to version 2.10.4. The root cause is a weakness in authentication in io.dataease.auth.filter.TokenFilter where request.getRequestURI is passed to WhitelistUtils.match to decide non-authenticated interfaces; the current whitelist filtering of semicolo...
CVE-2024-56511 DataEase has an unauthorized vulnerability
DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause the risk of unauthorized access. In the io.dataease.auth.filter.TokenFilter class,...
CVE-2024-56511 DataEase has an unauthorized vulnerability
DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause the risk of unauthorized access. In the io.dataease.auth.filter.TokenFilter class,...