| 제목 | Datagear has stored XSS |
|---|
| 설명 | DataGear is an open source and free data visualization and analysis platform, free to create any data dashboard you want, and supports access to various data sources such as SQL, CSV, Excel, HTTP interface, and JSON. Stored XSS exists in Datagear version 4.5.1 and before, and attackers can implement stored XSS by making malicious chart plug。The trigger point of the final vulnerability is described in the diagram type in the diagram。 |
|---|
| 원천 | ⚠️ https://github.com/yangyanglo/ForCVE/blob/main/2023-0x02.md |
|---|
| 사용자 | yangyanglo (UID 43465) |
|---|
| 제출 | 2023. 03. 21. PM 04:58 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 03. 31. PM 12:46 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 224673 [DataGear 까지 4.5.1 Diagram Type 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 19 |
|---|