CVE-2025-70828

Published
View on NVD ↗
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration

xiaoxiaoranxxx/CVE-2025-70828
xiaoxiaoranxxx/CVE-2025-70828
Datart v1.0.0-rc.3 JDBC Connection String Injection Leading to Arbitrary File Read
GitHubGitHub
1