CVE-2024-30269

Vulnerability Description

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the `/de2api/engine/getEngine;.js` path via a browser reveals that the platform's database configuration is returned. The vulnerability has been fixed in v2.5.0. No known workarounds are available aside from upgrading.

Vulnerability Details

Published Date

April 08, 2024

Last Modified

February 12, 2025

Source

NVD

CVE-2024-30269

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment