CVE-2022-34113: Dataease before 1.11.2 allows arbitrary code execution via crafter plugin

Severity: Critical

CVSS Score: 9.8

An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin.