CVE-2023-40183 – DataEase has a vulnerability to obtain user cookies
https://notcve.org/view.php?id=CVE-2023-40183
DataEase is an open source data visualization and analysis tool. Prior to version 1.18.11, DataEase has a vulnerability that allows an attacker to to obtain user cookies. The program only uses the `ImageIO.read()` method to determine whether the file is an image file or not. There is no whitelisting restriction on file suffixes. This allows the attacker to synthesize the attack code into an image for uploading and change the file extension to html. • https://github.com/dataease/dataease/commit/826513053146721a2b3e09a9c9d3ea41f8f10569 https://github.com/dataease/dataease/releases/tag/v1.18.11 https://github.com/dataease/dataease/security/advisories/GHSA-w2r4-2r4w-fjxv • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2023-40771
https://notcve.org/view.php?id=CVE-2023-40771
SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function. Una vulnerabilidad de inyección SQL en DataEase v1.18.9 permite a un atacante remoto obtener información confidencial a través de una cadena manipulada fuera de la función "blacklist". • https://github.com/dataease/dataease/issues/5861 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •