CVE-2023-41886
OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack in maven/org.openrefine/database
Identifiers
GHSA-qqh2-wvmv-h72m, CVE-2023-41886
Package Slug
maven/org.openrefine/database
Vulnerability
OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack
Description
An arbitrary file read vulnerability allows any unauthenticated user to read the file on the server.
Affected Versions
All versions up to 3.7.4
Solution
Upgrade to version 3.7.5 or above.
Last Modified
2023-09-13
| source |