Dataease · Dataease · CVE-2022-34115
**Name of the Vulnerable Software and Affected Versions**
DataEase version 1.11.1
**Description**
The issue is related to a SQL injection vulnerability. It occurs via the parameter `dataSourceId`. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.
**Recommendations**
For DataEase version 1.11.1, update to version 1.11.2 to resolve the issue. As a temporary workaround, consider restricting access to the `dataSourceId` parameter to minimize the risk of exploitation.