Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs.  Users are recommended to upgrade to version 2.9.1, which fixes this issue.

Apache Airflow version 2.9.0 has a vulnerability that allows an authen ...

Apache Airflow: XSS vulnerability in Task Instance Log/Log Details