CVSS Score of 10 (low)


Published Jul 25, 2023
Updated: Aug 1, 2023


CVE-2023-37257 is a vulnerability found in DataEase, an open source data visualization analysis tool. The vulnerability, classified as CWE-79 (Improper Neutralization of Input During Web Page Generation), is a stored cross-site scripting (XSS) vulnerability that affects versions prior to 1.18.9. This vulnerability has been fixed in version 1.18.9, and there are no known workarounds available. The risk score associated with this vulnerability is 25, categorizing it as a medium-risk threat. The affected products include various versions of DataEase and related components. Exploitation of this vulnerability could potentially lead to unauthorized access or manipulation of data within the affected organizations' systems and applications.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-37257 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options