Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

metersphere — Vulnerabilities & Security Advisories 17

All 17 CVE vulnerabilities found in metersphere, with AI-generated Chinese analysis, references, and POCs.

Vendor: metersphere

CVE IDTitleCVSSSeverityPublished
CVE-2025-62604 MeterSphere logic flaw allows retrieval of arbitrary user information CWE-200 7.5AIHighAI2025-10-22
CVE-2025-53639 Metersphere has SQL Injection Vulnerability in Sorting Field CWE-89 8.8AIHighAI2025-07-14
CVE-2024-37161 MeterSphere front-end editor stores XSS vulnerability CWE-79 4.0 Medium2024-06-11
CVE-2024-36118 Unauthorized viewing of workspace test cases in MeterSphere CWE-200 3.5 Low2024-05-30
CVE-2024-32467 Meteraphsere vulnerable to unauthorized viewing by workspace members CWE-200 5.7 Medium2024-04-25
CVE-2023-50267 MeterSphere horizontal privilege escalation vulnerability of resources in project scope. CWE-269 4.3 Medium2023-12-28
CVE-2023-41878 Weak password of selenium VNC in MeterSphere CWE-798 4.6 Medium2023-09-26
CVE-2023-38494 The cloud version of the MeterSphere interface leaks some sensitive data without authentication CWE-200 5.9 Medium2023-08-04
CVE-2023-37461 Path traversal in metersphere CWE-22 5.6 Medium2023-07-17
CVE-2023-35937 Metersphere missing permission check CWE-862 6.0 Medium2023-07-06
CVE-2023-32699 MeterSphere denial of service vulnerability CWE-770 6.5 Medium2023-05-30
CVE-2023-30550 IDOR vulnerability exists in metersphere CWE-639 6.8 Medium2023-05-04
CVE-2023-25814 Arbitrary File Read Vulnerability in metersphere CWE-22 7.1 High2023-03-09
CVE-2023-25573 Improper access control to download file in metersphere CWE-862 8.6 High2023-03-09
CVE-2022-46178 Path Traversal In MeterSpere allows file upload to any path CWE-22 7.4 High2022-12-29
CVE-2022-23544 Server-Side Request Forgery in Metersphere leads to Cross-Site Scripting CWE-918 7.2 High2022-12-27
CVE-2022-23512 Metersphere is vulnerable to Path Injection. CWE-22 7.7 High2022-12-14

All 17 known CVE vulnerabilities affecting metersphere with full Chinese analysis, references, and POCs where available.