Security Advisory
CVE-2023-31847
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side.