Lucene search
K

8 matches found

EUVD
EUVD
added 2025/12/16 12:30 a.m.8 views

EUVD-2025-203473

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods...

8.8CVSS6.5AI score0.00362EPSS
Exploits0References2
NVD
NVD
added 2025/12/15 11:15 p.m.5 views

CVE-2025-9121

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods...

8.8CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 2025/12/15 11:15 p.m.7 views

CVE-2025-9122

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet...

5.3CVSS0.00245EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.5 views

PT-2025-51323

Name of the Vulnerable Software and Affected Versions Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions 8.3.x and 9.3.0.x through 10.1.9.x Description The software deserializes untrusted JSON data without restricting the parser to approved classes and methods...

8.8CVSS6.8AI score0.00362EPSS
Exploits0References7
OSV
OSV
added 2021/01/29 7:15 p.m.4 views

CVE-2020-24670

The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'type' attribute of 'dashboardXml' parameter...

5.4CVSS6.3AI score0.0062EPSS
Exploits0References2
OSV
OSV
added 2021/01/29 7:15 p.m.5 views

CVE-2020-24665

The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity Expansion injection vulnerability, which allows an authenticated remote users to trigger a denial of service DoS condition. Specifically, the vulnerability lies in the 'dashboardXml' parameter. Remediated in ...

6.5CVSS6.7AI score0.01089EPSS
Exploits0References2
OSV
OSV
added 2021/01/29 7:15 p.m.5 views

CVE-2020-24664

The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'pho:title' attribute of 'dashboardXml' parameter...

5.4CVSS6AI score
Exploits0References2
CNNVD
CNNVD
added 2021/01/29 12:0 a.m.7 views

Hitachi Vantara Pentaho 跨站脚本漏洞

Pentaho is a Business Intelligence BI software that provides data integration, OLAP services, reporting, information dashboards, data mining, and Extract, Transform, Load ETL capabilities. A reflected cross-site scripting vulnerability exists in the 'type' attribute of the 'dashboardXml' paramete...

5.4CVSS6.2AI score0.0062EPSS
Exploits0References3
Rows per page
Query Builder