CVE-2024-47878

OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the /extension/gdata/authorized endpoint includes the state GET parameter verbatim in a...

PT-2023-28143 · Unknown +2 · Mysql Connector/J +3

Name of the Vulnerable Software and Affected Versions: OpenRefine versions prior to 3.7.5 Description: An arbitrary file read issue allows any unauthenticated user to read a file on a server. This is related to the use of the MySQL JDBC connector, where an attacker can exploit the...