3 matches found
CVE-2022-26174
Beekeeper Studio 3.2.0 is affected by a remote code execution (RCE) via a crafted payload injected into display fields. Multiple connected sources corroborate the vulnerability description (RCE in Beekeeper Studio v3.2.0). The exact root cause is not fully detailed across the provided documents, ...
CVE-2023-28394
Beekeeper Studio is affected in versions prior to 3.9.9 by a code-injection vulnerability that allows a remote authenticated attacker to execute arbitrary JavaScript code with the app’s privileges, potentially enabling arbitrary OS commands on the host. Root cause: untrusted JavaScript execution ...
CVE-2022-43143
CVE-2022-43143 affects Beekeeper Studio v3.6.6 and is described as a cross-site scripting (XSS) vulnerability allowing arbitrary web scripts/HTML via a crafted payload injected into the error modal container. The CVSS v3.1 base score is 9.6 (CRITICAL) with network attack vector, no privileges req...