Arbitrary File Read Vulnerability in Davinci 0.3.0-rc
CVE-2023-31847 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.