A vulnerability classified as critical has been found in Dataease up to 1.18.14/2.2.x. This affects an unknown part of the file core/core-backend/src/main/java/io/dataease/datasource/type/Mysql.java. The manipulation leads to deserialization.
This vulnerability is uniquely identified as CVE-2024-23328. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.