Nocodb Security Vulnerabilities and Issues — Nocodb CVE List

Lucene search

NocodbNocodb

3 matches found

CVE•added 2024/05/14 2:17 p.m.•58 views

CVE-2023-50718

NocoDB is software for building databases as spreadsheets. Prior to version 0.202.10, an authenticated attacker with create access could conduct a SQL Injection attack on MySQL DB using unescaped table_name. This vulnerability may result in leakage of sensitive data in the database. Version 0.202.1...

6.5CVSS6.6AI score0.0017EPSS

CVE•added 2024/05/14 2:17 p.m.•52 views

CVE-2023-50717

NocoDB is software for building databases as spreadsheets. Starting in verson 0.202.6 and prior to version 0.202.10, an attacker can upload a html file with malicious content. If user tries to open that file in browser malicious scripts can be executed leading stored cross-site scripting attack. Th...

5.7CVSS6AI score0.00324EPSS

CVE•added 2024/05/14 2:6 p.m.•37 views

CVE-2023-49781

NocoDB is software for building databases as spreadsheets. Prior to 0.202.9, a stored cross-site scripting vulnerability exists within the Formula virtual cell comments functionality. The nc-gui/components/virtual-cell/Formula.vue displays a v-html tag with the value of "urls" whose contents are pr...

7.6CVSS5.7AI score0.00955EPSS