Dataease · Dataease · CVE-2023-37258
**Name of the Vulnerable Software and Affected Versions**
DataEase versions prior to 1.18.9
**Description**
DataEase is an open source data visualization analysis tool. It has a SQL injection vulnerability that can bypass blacklists.
**Recommendations**
For versions prior to 1.18.9, update to version 1.18.9 to resolve the issue.