CVE-2026-33207 | DataEase up to 2.10.20 getTableField tableName sql injection

A vulnerability marked as critical has been reported in DataEase up to 2.10.20. Affected by this issue is some unknown functionality of the file /datasource/getTableField. Performing a manipulation of the argument tableName results in sql injection.

This vulnerability was named CVE-2026-33207. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More