CVE-2024-47881 | OpenRefine up to 3.8.2 Database Extension enable_load_extension sql injection (GHSA-87cf-j763-vvh8)

Posted by Angelo Barbosa | Oct 25, 2024 | CVE

A vulnerability was found in OpenRefine up to 3.8.2 and classified as critical. Affected by this issue is some unknown functionality of the component Database Extension. The manipulation of the argument enable_load_extension leads to sql injection.

This vulnerability is handled as CVE-2024-47881. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47881 | OpenRefine up to 3.8.2 Database Extension enable_load_extension sql injection (GHSA-87cf-j763-vvh8)

Related Posts

CVE-2024-46654 | MacCMS 2024.1000.4040 Add Scheduled Task Module cross site scripting (Issue 1183)

CVE-2024-45848 | MindsDB up to 24.7.4.0 ChromaDB Integration neutralization of directives

CVE-2024-30053 | Microsoft Azure Migrate cross site scripting

CVE-2023-48795 | x-crypto on Go Privilege Escalation