4 matches found
CVE-2026-50530
DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, a share mode chart data interface only validates that sceneId matches the resourceId in the link token and fails to validate whether tableId and field IDs in the request body belong to the shared resource, allowing...
PT-2026-56245
Name of the Vulnerable Software and Affected Versions DataEase versions prior to 2.10.24 Description A share mode chart data interface fails to validate whether the tableId and field IDs provided in the request body belong to the shared resource. It only verifies that the sceneId matches the...
CVE-2025-66513 Nextcloud Tables app share information not limited to relevant users
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.9, 0.9.6, and 1.0.1, the information which table numeric ID is shared with which groups or users and the respective permissions was not limited to privileged users. This vulnerability is fixed in 0.8.9,...
PT-2024-35347 · Nextcloud · Nextcloud Tables
Name of the Vulnerable Software and Affected Versions: Nextcloud Tables versions prior to 0.8.1 Description: The issue concerns the sharing of table information in Nextcloud Tables, where the details about which table identified by a numeric ID is shared with specific groups and users, along with...