Количество 2
Количество 2
CVE-2022-43720
An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
GHSA-fpmr-qmgh-42x2
Apache Superset vulnerable to Injection
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-43720 An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. | CVSS3: 5.4 | 2% Низкий | около 3 лет назад |
| GHSA-fpmr-qmgh-42x2 Apache Superset vulnerable to Injection | CVSS3: 5.4 | 2% Низкий | около 3 лет назад |
Уязвимостей на страницу