Количество 2
Количество 2
CVE-2023-42502
около 2 лет назад
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.
CVSS3: 4.8
EPSS: Низкий
GHSA-hc74-9vjm-c9xv
около 2 лет назад
Apache Superset Open Redirect vulnerability
CVSS3: 5.4
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-42502 An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0. | CVSS3: 4.8 | 0% Низкий | около 2 лет назад |
| GHSA-hc74-9vjm-c9xv Apache Superset Open Redirect vulnerability | CVSS3: 5.4 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу
20