← Back

Dashbuilder

dashbuilder

Vendor: Redhat • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-4999
1Redhat
3Dashbuilder
Jboss Bpm SuiteJboss Enterprise Brms Platform
May 6, 2026
Aug 5, 2016
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL...Show more
SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Displayer editor UI.Show less