Submit #104215: Datagear has stored XSSinfo

TitelDatagear has stored XSS
BeschreibungDataGear is an open source and free data visualization and analysis platform, free to create any data dashboard you want, and supports access to various data sources such as SQL, CSV, Excel, HTTP interface, and JSON. Stored XSS exists in Datagear 1.11.1 and earlier versions, and attackers can implement Stored XSS by making malicious chart plug-ins. The final xss vulnerability occurred at the editing chart.Affected users should upgrade as soon as possible.
Quelle⚠️ https://github.com/yangyanglo/ForCVE/edit/main/2023-0x03.md
Benutzer
 yangyanglo (UID 43465)
Einreichung22.03.2023 05:47 (vor 3 Jahren)
Moderieren22.03.2023 12:18 (7 hours later)
StatusAkzeptiert
VulDB Eintrag223564 [DataGear bis 1.11.1 Plugin Cross Site Scripting]
Punkte19

ZurückÜbersichtWeiter

Interested in the pricing of exploits?

See the underground prices here!