DataEase
cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*
- <= 2.10.20
A SQL injection vulnerability has been identified in DataEase versions prior to 2.10.21. The issue arises in the '/datasource/getTableField' endpoint, where the 'tableName' parameter is directly inserted into SQL query strings without proper sanitization or parameterization. This flaw allows authenticated attackers to execute arbitrary SQL commands, potentially leading to the extraction of sensitive database information. The vulnerability can be exploited by registering an API datasource with a malicious table name, which bypasses existing validation checks.
Exploitation of this vulnerability allows for arbitrary SQL execution, with the potential to leak sensitive information from the database.
To reproduce this vulnerability, register an API datasource and include a malicious payload as the table name. Once the datasource is created, the injected table name is treated as valid by the existing checks and can be used to trigger the SQL injection via the '/datasource/getTableField' endpoint.
Users are advised to upgrade to DataEase version 2.10.21, where this vulnerability has been fixed.
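The pattern described above, shown as an added example in Python with sqlite3 (not DataEase's code or its actual patch): a stored table name concatenated into a query, beside one resolved against the catalog with a bound parameter and then quoted as an identifier. The schema, the function names and the `HOSTILE_NAME` value are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample schema; not DataEase's real tables.
    db = sqlite3.connect(":memory:")
    db.executescript(
        'CREATE TABLE orders (id INTEGER, amount REAL);'
        'CREATE TABLE api_keys (token TEXT);'
        'CREATE TABLE "odd""name" (x TEXT);'
    )
    return db


def table_fields_unsafe(db, table_name):
    # Weak form: the stored name is pasted into the statement as SQL text.
    cur = db.execute(f"SELECT * FROM {table_name} LIMIT 0")
    return [col[0] for col in cur.description]


def quote_identifier(name):
    # SQL-standard identifier quoting: wrap in double quotes, double any inside.
    if "\x00" in name:
        raise ValueError("NUL byte in identifier")
    return '"' + name.replace('"', '""') + '"'


def table_fields_safe(db, table_name):
    # 1. Resolve the name against the catalog with a bound parameter, so the
    #    value is only ever compared as data, never parsed as SQL.
    row = db.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table' AND name = ?",
        (table_name,),
    ).fetchone()
    if row is None:
        raise ValueError(f"unknown table: {table_name!r}")
    # 2. Identifiers cannot be bound, so quote the catalog's own spelling.
    cur = db.execute(f"SELECT * FROM {quote_identifier(row[0])} LIMIT 0")
    return [col[0] for col in cur.description]


# Constructed value standing in for a table name saved with a datasource.
HOSTILE_NAME = "orders JOIN api_keys"
```

The check runs at the point of use, so a name that was accepted when the datasource was registered is still treated as untrusted when the field lookup is built.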