Vulnerabilities > Openrefine

DATE CVE VULNERABILITY TITLE RISK
2024-10-24 CVE-2024-49760 Path Traversal vulnerability in Openrefine
OpenRefine is a free, open source tool for working with messy data.
network
low complexity
openrefine CWE-22
5.3
2024-10-24 CVE-2024-47878 Cross-site Scripting vulnerability in Openrefine
OpenRefine is a free, open source tool for working with messy data.
network
low complexity
openrefine CWE-79
6.1
2024-10-24 CVE-2024-47880 Cross-site Scripting vulnerability in Openrefine
OpenRefine is a free, open source tool for working with messy data.
network
high complexity
openrefine CWE-79
6.9
2024-10-24 CVE-2024-47881 SQL Injection vulnerability in Openrefine
OpenRefine is a free, open source tool for working with messy data.
network
low complexity
openrefine CWE-89
8.8
2024-10-24 CVE-2024-47882 Cross-site Scripting vulnerability in Openrefine
OpenRefine is a free, open source tool for working with messy data.
network
low complexity
openrefine CWE-79
6.1
2024-10-24 CVE-2024-47883 Path Traversal vulnerability in Openrefine Butterfly
The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework.
network
low complexity
openrefine CWE-22
critical
9.1
2024-02-12 CVE-2024-23833 Incorrect Authorization vulnerability in Openrefine
OpenRefine is a free, open source power tool for working with messy data and improving it.
network
low complexity
openrefine CWE-863
7.5
2023-09-15 CVE-2023-41886 SQL Injection vulnerability in Openrefine
OpenRefine is a powerful free, open source tool for working with messy data.
network
low complexity
openrefine CWE-89
7.5
2023-09-15 CVE-2023-41887 SQL Injection vulnerability in Openrefine
OpenRefine is a powerful free, open source tool for working with messy data.
network
low complexity
openrefine CWE-89
critical
9.8
2023-08-04 CVE-2022-41401 Server-Side Request Forgery (SSRF) vulnerability in Openrefine
OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure.
network
low complexity
openrefine CWE-918
6.5