Lucene search
K

4 matches found

CVE
CVE
added 2026/06/23 8:15 p.m.23 views

CVE-2026-47384

CVE-2026-47384 – NocoDB SQL Injection via Column Title in Bulk GroupBy : An authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column title to a SQL fragment. The vulnerable code path builds three database-specific knex.raw() aggregations t...

5.3CVSS5.9AI score0.00306EPSS
Exploits0References1
OSV
OSV
added 2026/03/03 8:58 p.m.4 views

GHSA-8VM4-G489-V3W7 NocoDB Vulnerable to Stored Cross-Site Scripting via Comments and Rich Text Cells

Summary User-controlled content in comments and rich text cells was rendered via v-html without sanitization, enabling stored XSS. Details Comments in Comments.vue and rich text in TextArea.vue were parsed by markdown-it with html: true and injected via v-html. The codebase had vue-dompurify-html...

5.3CVSS5.9AI score0.00143EPSS
Exploits0References4
OSV
OSV
added 2026/03/02 7:42 p.m.4 views

GHSA-387M-J3P9-3PHP NocoDB Vulnerable to User Enumeration via Password Reset Endpoint

Summary The password forgot endpoint returned different responses for registered and unregistered emails, allowing user enumeration. Details POST /api/v2/auth/password/forgot returned a success message for registered emails but 'Your email has not been registered.' for unknown emails. The fix...

6.9CVSS5.9AI score0.00601EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/02 4:19 p.m.6 views

CVE-2026-28398

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, user-controlled content in comments and rich text cells was rendered via v-html without sanitization, enabling stored XSS. This issue has been patched in version 0.301.3...

5.4CVSS5.8AI score0.00143EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder