oss-sec mailing list archives

CVE-2022-43721: Apache Superset: Open Redirect Vulnerability


From: Daniel Gaspar <dpgaspar () apache org>
Date: Mon, 16 Jan 2023 09:25:56 +0000

Severity: moderate

Description:

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site. Users could then be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.

Credit:

Positive Technologies (finder)

References:

https://superset.apache.org
https://www.cve.org/CVERecord?id=CVE-2022-43721
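
The following is an added example, not Apache Superset's code or its fix. It shows one way to validate a user-editable dataset link before storing it and to audit links that are already stored. The host name, function names, record shape (`id`, `link`) and sample rows are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the deployment's own host; every other host counts as untrusted.
TRUSTED_HOSTS = {"superset.example.internal"}


def is_safe_dataset_link(link, trusted_hosts=TRUSTED_HOSTS):
    """Return True if a user-editable link stays on this site or a trusted host."""
    if not link or link != link.strip():
        return False
    # Browsers treat "\" like "/" and drop tab/CR/LF, so "/\host" can leave
    # the site even though it looks like a local path.
    if "\\" in link or any(ord(c) < 0x20 or ord(c) == 0x7F for c in link):
        return False
    try:
        parts = urlsplit(link)
    except ValueError:
        return False
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only an absolute path on this origin.
        return link.startswith("/") and not link.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False  # javascript:, data: and other non-web schemes
    # hostname drops userinfo and port, so "trusted@other" resolves to "other".
    return (parts.hostname or "") in trusted_hosts


def audit_dataset_links(rows, trusted_hosts=TRUSTED_HOSTS):
    """Return (id, link) for stored, non-empty links that would leave the site."""
    return [(r["id"], r["link"]) for r in rows
            if r["link"] and not is_safe_dataset_link(r["link"], trusted_hosts)]


# Constructed sample records (not real Superset data).
SAMPLE_ROWS = [
    {"id": 1, "link": "/explore/?dataset_id=1"},
    {"id": 2, "link": "https://superset.example.internal/datasets/2"},
    {"id": 3, "link": "https://untrusted.example/login"},
    {"id": 4, "link": "//untrusted.example/"},
    {"id": 5, "link": "https://superset.example.internal@untrusted.example/"},
    {"id": 6, "link": "javascript:alert(1)"},
]

if __name__ == "__main__":
    for ds_id, link in audit_dataset_links(SAMPLE_ROWS):
        print(f"dataset {ds_id}: untrusted link {link!r}")
```
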

