Описание
Apache Superset Open Redirect vulnerability
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
Пакеты
Наименование
apache-superset
pip
Затронутые версииВерсия исправления
<= 1.5.2
Отсутствует
Наименование
apache-superset
pip
Затронутые версииВерсия исправления
= 2.0.0
Отсутствует
Связанные уязвимости
CVSS3: 5.4
nvd
около 3 лет назад
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.