A vulnerability classified as critical was found in open-metadata OpenMetadata up to 1.2.3. This vulnerability affects the function
AlertUtil::validateExpression
. The manipulation leads to code injection.
This vulnerability was named CVE-2024-28847. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.