| Title | Datagear has stored XSS |
|---|
| Description | DataGear is an open source and free data visualization and analysis platform, free to create any data dashboard you want, and supports access to various data sources such as SQL, CSV, Excel, HTTP interface, and JSON. Stored XSS exists in Datagear 1.11.1 and earlier versions, and attacker can implement Stored XSS by crafting a malicious graph dataset. The final xss vulnerability occurs at the edit data set. Affected users should upgrade as soon as possible |
|---|
| Source | ⚠️ https://github.com/yangyanglo/ForCVE/blob/main/2023-0x04.md |
|---|
| User | yangyanglo (UID 43465) |
|---|
| Submission | 03/22/2023 05:57 (3 years ago) |
|---|
| Moderation | 03/22/2023 12:18 (6 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 223565 [DataGear up to 1.11.1 Graph Dataset cross site scripting] |
|---|
| Points | 19 |
|---|