CVE-2024-55081
9.8CRITICALAn XML External Entity (XXE) injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbitrary code via supplying a crafted XML input.
Published: 12/19/2024Updated: 1/2/2025
Description
An XML External Entity (XXE) injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbitrary code via supplying a crafted XML input.