DataGear v5.0.0 and previous versions exists to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface.
PoC of CVE-2024-37759
CVE-2024-37759_PoC PoC of CVE-2024-37759