3 matches found
CVE-2024-29890 Remote code execution in datalens-ui
DataLens is a business intelligence and data visualization system. A specifically crafted request allowed the creation of a special chart type with the ability to pass custom javascript code that would later be executed in an unprotected sandbox on subsequent requests to that chart. The problem w...
DataLens 安全漏洞
DataLens is a modern business intelligence and data visualization system open-sourced by datalens-tech. A security vulnerability exists in DataLens version 0.1449.0, which stems from the application allowing the creation of special chart types and the ability to pass custom JavaScript code that...
PT-2024-23113 · Datalens · Datalens
Name of the Vulnerable Software and Affected Versions: DataLens versions prior to 0.1449.0 Description: A specifically crafted request allowed the creation of a special chart type with the ability to pass custom javascript code that would later be executed in an unprotected sandbox on subsequent...