CVE-2026-33084 | DataEase up to 2.10.20 DatasetDataManage Service Layer enumValueObj sort sql injection

A vulnerability described as critical has been identified in DataEase up to 2.10.20. Affected is an unknown function of the file /de2api/datasetData/enumValueObj of the component DatasetDataManage Service Layer. Such manipulation of the argument sort leads to sql injection.

This vulnerability is referenced as CVE-2026-33084. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More