CVE-2023-37257 Information

Description

DataEase is an open source data visualization analysis tool. Prior to version 1.18.9 the DataEase panel and dataset have a stored cross-site scripting vulnerability. The vulnerability has been fixed in v1.18.9. There are no known workarounds.

Reference

https://github.com/dataease/dataease/security/advisories/GHSA-7cm3-9pp6-q2fq https://github.com/dataease/dataease/releases/tag/v1.18.9