SQL Injection

io.dataease, dataease-plugin-common is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of the dataSourceId parameter, which allows an attacker to inject and execute arbitrary SQL queries...

GHSA-VJMR-6PMM-RPRF Dataease v1.11.1 SQL Injection via parameter dataSourceId

Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId. Version 1.11.2 contains a fix...

GHSA-HMVW-66JM-H9FH SQL Injection found in Dataease

Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId. Version 1.11.2 contains a fix...