Vulnerabilidades em OpenRefine
11 resultadosCVE-2023-41887CRITICALRemote Code exec in project import with mysql jdbc url attackEPSS 45.5%CVE-2024-47883CRITICALButterfly has path/URL confusion in resource handling leading to multiple weaknessesEPSS 1.6%CVE-2024-23833HIGHOpenRefine JDBC Attack VulnerabilityEPSS 1.0%CVE-2023-41886HIGHOpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attackEPSS 0.8%CVE-2024-47881HIGHOpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)EPSS 0.7%CVE-2023-37476MEDIUMZip slip in OpenRefineEPSS 0.6%CVE-2024-49760HIGHOpenRefine has a path traversal in LoadLanguageCommandEPSS 0.6%CVE-2024-47882MEDIUMOpenRefine's error page lacks escaping, leading to potential Cross-site Scripting on import of malicious projectEPSS 0.5%CVE-2024-47878HIGHReflected cross-site scripting vulnerability (XSS) in GData extension (authorized.vt)EPSS 0.4%CVE-2024-47879HIGHOpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)EPSS 0.4%CVE-2024-47880HIGHOpenRefine has a reflected cross-site scripting vulnerability from POST request in ExportRowsCommandEPSS 0.4%