📦 Chartbrew

Chartbrew versions before 4.8.1 contain a remote code execution vulnerability in MongoDB dataset queries. Attackers can execute arbitrary code on the server by crafting malicious queries. This affects...

Chartbrew versions before 4.8.4 have a stored cross-site scripting (XSS) vulnerability in file upload functionality. Attackers can upload malicious HTML files containing JavaScript, which when served ...

Chartbrew versions before 4.8.1 have an authorization bypass vulnerability where authenticated users can manipulate charts belonging to other projects. The application only checks project-level permis...