Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
Vulnerability Description
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of the Community Dashboard Editor (CDE) plugin.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
静态存储代码中指令转义处理不恰当(静态代码注入)
Vulnerability Title
Hitachi Vantara Pentaho Business Analytics Server 代码注入漏洞
Vulnerability Description
Hitachi Vantara Pentaho Business Analytics Server是日本日立制作所(Hitachi)公司的一个现代数据混合、集成和业务分析平台。 Hitachi Vantara Pentaho Business Analytics Server存在安全漏洞,该漏洞源于不允许系统管理员禁用社区仪表板编辑器(CDE)插件的脚本功能。
CVSS Information
N/A
Vulnerability Type
N/A