Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

metersphere — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting metersphere. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by metersphere:metersphere
CVE IDTitleCVSSSeverityPublished
CVE-2025-62604 MeterSphere logic flaw allows retrieval of arbitrary user information — metersphereCWE-200 7.5AIHighAI2025-10-22
CVE-2025-53639 Metersphere has SQL Injection Vulnerability in Sorting Field — metersphereCWE-89 8.8AIHighAI2025-07-14
CVE-2024-37161 MeterSphere front-end editor stores XSS vulnerability — metersphereCWE-79 4.0 Medium2024-06-11
CVE-2024-36118 Unauthorized viewing of workspace test cases in MeterSphere — metersphereCWE-200 3.5 Low2024-05-30
CVE-2024-32467 Meteraphsere vulnerable to unauthorized viewing by workspace members — metersphereCWE-200 5.7 Medium2024-04-25
CVE-2023-50267 MeterSphere horizontal privilege escalation vulnerability of resources in project scope. — metersphereCWE-269 4.3 Medium2023-12-28
CVE-2023-41878 Weak password of selenium VNC in MeterSphere — metersphereCWE-798 4.6 Medium2023-09-26
CVE-2023-38494 The cloud version of the MeterSphere interface leaks some sensitive data without authentication — metersphereCWE-200 5.9 Medium2023-08-04
CVE-2023-37461 Path traversal in metersphere — metersphereCWE-22 5.6 Medium2023-07-17
CVE-2023-35937 Metersphere missing permission check — metersphereCWE-862 6.0 Medium2023-07-06
CVE-2023-32699 MeterSphere denial of service vulnerability — metersphereCWE-770 6.5 Medium2023-05-30
CVE-2023-30550 IDOR vulnerability exists in metersphere — metersphereCWE-639 6.8 Medium2023-05-04
CVE-2023-25814 Arbitrary File Read Vulnerability in metersphere — metersphereCWE-22 7.1 High2023-03-09
CVE-2023-25573 Improper access control to download file in metersphere — metersphereCWE-862 8.6 High2023-03-09
CVE-2022-46178 Path Traversal In MeterSpere allows file upload to any path — metersphereCWE-22 7.4 High2022-12-29
CVE-2022-23544 Server-Side Request Forgery in Metersphere leads to Cross-Site Scripting — metersphereCWE-918 7.2 High2022-12-27
CVE-2022-23512 Metersphere is vulnerable to Path Injection. — metersphereCWE-22 7.7 High2022-12-14

This page lists every published CVE security advisory associated with metersphere. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.