Dataease: Security Vulnerabilities
An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-07-22
In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information and can change the administrator password.
CVSS Score
8.8
EPSS Score
0.005
Published
2022-02-08
Page 5