CVE-2023-35164

Name of the Vulnerable Software and Affected Versions DataEase versions prior to 1.18.8

Description The issue is related to a missing authorization check, allowing unauthorized users to manipulate a dashboard created by the administrator in an open source data visualization analysis tool.

Recommendations For versions prior to 1.18.8, upgrade to version 1.18.8 to resolve the issue. As a temporary workaround, consider restricting access to dashboards created by administrators until the upgrade is applied.