xiaoxiaoranxxx/CVE-2025-70828

xiaoxiaoranxxx/CVE-2025-70828

GitHubGitHub
GitHubgithub.com
Releases0
Stars1
Datart v1.0.0-rc.3 JDBC Connection String Injection Leading to Arbitrary File Read
Log in to subscribe

CVE History

CVEPublishedCVSS v3CVSS v2
CVE-2025-70828
8.8 HIGH

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration