| Título | DataGear datagear <=v5.0.0 Injection |
|---|
| Descripción | DataGear v5.0.0 has a SpEL expression injection vulnerability leading to remote code execution in the Editing and Deletion functions of the Data Schema Page |
|---|
| Fuente | ⚠️ https://gitee.com/datagear/datagear/issues/IAF3H7 |
|---|
| Usuario | nerowander (UID 72513) |
|---|
| Sumisión | 2024-08-06 04:43 (hace 2 años) |
|---|
| Moderación | 2024-08-06 08:47 (4 hours later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 273697 [DataGear hasta 5.0.0 Data Schema Page ConversionSqlParamValueMapper.java evaluateVariableExpression escalada de privilegios] |
|---|
| Puntos | 15 |
|---|