CVE-2023-35164 in Dataease
Sumário
de MITRE • 27/06/2023
DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions a missing authorization check allows unauthorized users to manipulate a dashboard created by the administrator. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.