Vulnerabilities > Dataease > Dataease > 1.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-15 | CVE-2021-38239 | SQL Injection vulnerability in Dataease SQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sys_msg/list/1/10. | 7.5 |
2022-10-25 | CVE-2022-39312 | Deserialization of Untrusted Data vulnerability in Dataease Dataease is an open source data visualization analysis tool. | 9.8 |