7 matches found
CVE-2024-37759
DataGear v5.0.0 and earlier was discovered to contain a SpEL Spring Expression Language expression injection vulnerability via the Data Viewing interface...
CVE-2024-37759
DataGear v5.0.0 and earlier was discovered to contain a SpEL Spring Expression Language expression injection vulnerability via the Data Viewing interface...
CVE-2024-37759
DataGear v5.0.0 and earlier was discovered to contain a SpEL Spring Expression Language expression injection vulnerability via the Data Viewing interface...
CVE-2024-37759
DataGear v5.0.0 and earlier contains a SpEL (Spring Expression Language) expression injection in the Data Viewing interface. Root cause: SpEL injection can be triggered when viewing data, potentially enabling arbitrary code execution. Exploitation and PoC exist (GitHub proof of concept shows remo...
CVE-2024-37759
DataGear v5.0.0 and earlier was discovered to contain a SpEL Spring Expression Language expression injection vulnerability via the Data Viewing interface...
DataGear Security Breach
DataGear is an open source, free data visualization and analysis platform from DataGear, Inc. A security vulnerability exists in DataGear v5.0.0 and prior versions, which originates from the Data Viewing interface containing a SpEL expression injection...
PT-2024-27732 · Datagear · Datagear
Name of the Vulnerable Software and Affected Versions: DataGear versions 5.0.0 and earlier Description: A SpEL Spring Expression Language expression injection issue was found in the Data Viewing interface. This allows for potential malicious activity via the injection of expressions...