CVE-2022-39361 - How a Metabase Sample Database Bug Led to Remote Code Execution (RCE)
Metabase makes it easy for anyone to explore and visualize data. But in late 2022, a critical security issue was discovered that could let attackers
CVE-2022-43776 - Exploiting SSRF in Metabase's /api/geojson Using 301/302 Redirects
In October 2022, a critical Server Side Request Forgery (SSRF) vulnerability was identified in Metabase, an open-source business intelligence tool. The vulnerability, tracked as CVE-2022-43776,