
CVSS: 7.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

NocoDB is software for building databases as spreadsheets. Prior to 0.202.9, a stored cross-site scripting vulnerability exists within the Formula virtual cell comments functionality. The nc-gui/components/virtual-cell/Formula.vue component renders a v-html tag with the value of "urls", whose contents are processed by the function replaceUrlsWithLink(). This function recognizes the pattern URI::(XXX) and creates a hyperlink tag <a> with href=XXX. However, it leaves all other content outside of the pattern URI::(XXX) unchanged.
• https://github.com/nocodb/nocodb/commit/7f58ce3726dfec71537d8b80474a0f95a48a1574
• https://github.com/nocodb/nocodb/security/advisories/GHSA-h6r4-xvw6-jc5h
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

NocoDB is software for building databases as spreadsheets. Prior to version 0.202.10, an authenticated attacker with create access could conduct a SQL injection attack on a MySQL database using an unescaped `table_name`. This vulnerability may result in leakage of sensitive data in the database. Version 0.202.10 contains a patch for the issue.
• https://github.com/nocodb/nocodb/security/advisories/GHSA-8fxg-mr34-jqr8
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 5.7 | EPSS: 0% | CPEs: 1 | EXPL: 0

NocoDB is software for building databases as spreadsheets. Starting in version 0.202.6 and prior to version 0.202.10, an attacker can upload an HTML file with malicious content. If a user opens that file in a browser, the malicious scripts can be executed, leading to a stored cross-site scripting attack. This allows a remote attacker to execute JavaScript code in the context of the user accessing the vector. An attacker could have used this vulnerability to execute requests in the name of a logged-in user or potentially collect information about the attacked user by displaying a malicious form.
• https://github.com/nocodb/nocodb/security/advisories/GHSA-qg73-g3cf-vhhh
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
• CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 6.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

Nocodb is an open source Airtable alternative. Affected versions of nocodb contain a SQL injection vulnerability that allows an authenticated attacker with creator access to query the underlying database. By supplying a specially crafted payload, an attacker can inject arbitrary SQL queries to be executed. Since this is a blind SQL injection, an attacker may need to use time-based payloads, which would include a function to delay execution for a given number of seconds. The response time then indicates whether the result of the query execution was true or false.
• https://github.com/nocodb/nocodb/security/advisories/GHSA-3m5q-q39v-xf8f
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 6.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

Improper Input Validation in GitHub repository nocodb/nocodb prior to 0.96.0.
• https://github.com/nocodb/nocodb/commit/db0385cb8aab2a34e233454607f59152ac62b3e2
• https://huntr.dev/bounties/1b5c6d9f-941e-4dd7-a964-42b53d6826b0
• CWE-20: Improper Input Validation