Lucene search
K

4 matches found

OSV
OSV
added 2025/07/01 12:33 a.m.5 views

CVE-2025-53005 Dataease PostgreSQL Data Source JDBC Connection Parameters Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's PostgreSQL Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has...

9.3CVSS6.7AI score0.00522EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/06/05 9:18 p.m.28 views

CVE-2025-49001

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.10, secret verification does not take effect successfully, so a user can use any secret to forge a JWT token. The vulnerability has been fixed in v2.10.10. No known workarounds are available...

9.8CVSS6.8AI score0.19386EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/13 4:49 p.m.27 views

CVE-2025-27138 DataEase has an improper authentication vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which may cause the risk of unauthorized access. The vulnerability has been fixed in v2.10.6. No known...

8.7CVSS0.00542EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

SpagoBI 4.0 - Persistent XSS Vulnerability

No description provided by source. 01. Advisory Information Title: Persistent Cross-Site Scripting XSS in SpagoBI Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Information CVE...

3.5CVSS6.5AI score0.03655EPSS
Exploits7
Rows per page
Query Builder