PT-2026-2029 · Questdb+1 · Questdb+1

59Lab

+1

·

Publicado

2026-01-10

·

Atualizado

2026-01-10

·

CVE-2026-0824

CVSS v2.0

4.0

Média

VetorAV:N/AC:L/Au:S/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions questdb ui versions up to 1.11.9
Description A security flaw exists in the Web Console component of questdb ui, potentially leading to cross-site scripting. The issue is remotely exploitable, and an exploit has been publicly released. The vulnerability involves manipulation of an unknown function within the Web Console.
Recommendations Upgrade to version 1.11.10 to address this issue. Upgrade to QuestDB 9.3.0 to address this issue.

Exploit

Correção

XSS

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79CWE-94

Identificadores relacionados

CVE-2026-0824
GHSA-XF94-H87H-G9WR

Produtos afetados

Questdb
Questdb Ui