Описание
An issue was found in Apache Airflow versions 1.10.10 and below. It was discovered that many of the admin management screens in the new/RBAC UI handled escaping incorrectly, allowing authenticated users with appropriate permissions to create stored XSS attacks.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| airflow | itp | package |
EPSS
Процентиль: 61%
0.00411
Низкий
Связанные уязвимости
CVSS3: 5.4
nvd
больше 5 лет назад
An issue was found in Apache Airflow versions 1.10.10 and below. It was discovered that many of the admin management screens in the new/RBAC UI handled escaping incorrectly, allowing authenticated users with appropriate permissions to create stored XSS attacks.
CVSS3: 5.4
github
больше 5 лет назад
Multiple stored XSS in RBAC Admin screens in Apache Airflow
EPSS
Процентиль: 61%
0.00411
Низкий