Advisories for Maven/Io.dataease/Dataease-Plugin-Common package

SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the block list function.

DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references (IDOR). This could result in a user deleting another user's dashboard or messages or interfering with the interface for marking messages read. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading.

Improper Neutralization in io.dataease:dataease-plugin-common. If an attacker can add some parameters in JDBC url, and connect to evil mysql server, they can trigger the mysql jdbc deserialization vulnerability, and eventually the attacker can execute through the deserialization vulnerability system commands and obtain server privileges.

Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId.

DataEase v1.11.1 was discovered to contain a arbitrary file write vulnerability via the parameter dataSourceId.

An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin.

An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator.