A vulnerability classified as critical was found in open-metadata OpenMetadata up to 1.2.3. This vulnerability affects the function AlertUtil::validateExpression. The manipulation leads to code injection.

This vulnerability was named CVE-2024-28847. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.