Vulnerability in Dataease
CVE-2025-49003
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor may take advantage of a feature in Java in which the character "ı" becomes "I" when converted to uppercase, and the char…
EPSS: 0.022 (84.6th percentile) — read the EPSS interpretation.
Affected products
- Dataease — versions < 2.10.11
Weakness classification (CWE)
References
- https://github.com/dataease/dataease/security/advisories/GHSA-x97w-69ff-r55q (x_refsource_CONFIRM)