Critical Remote Exploit in DataGear Up to 5.0.0
A critical vulnerability exists in DataGear versions up to 5.0.0. The issue is located in the function evaluateVariableExpression in the file ConversionSqlParamValueMapper.java, specifically within the Data Schema Page component. This vulnerability arises due to improper neutralization of special elements used in expression language statements. An attacker can exploit this flaw remotely. The exploit details have been made public. This vulnerability is identified as VDB-273697.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
datagear datagear |