CVE-2026-33082 | DataEase up to 2.10.20 exportDataset expressionTree sql injection (GHSA-xxpw-2c8q-g693)

A vulnerability labeled as critical has been found in DataEase up to 2.10.20. This affects an unknown function of the file /de2api/datasetTree/exportDataset. The manipulation of the argument expressionTree results in sql injection.

This vulnerability was named CVE-2026-33082. The attack may be performed from remote. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More