Lucene search
China National Vulnerability DatabaseCNVD-2021-83674HistoryOct 19, 2021 - 12:00 a.m.
Apache Superset Cross-Site Scripting Vulnerability
2021-10-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
apache superset
cross-site scripting
vulnerability
data visualization
data exploration
apache foundation
insufficient cleanup
browser pages
attacker
exploit
crafted link
arbitrary html
script code
EPSS
0.001
Percentile
40.5%
A cross-site scripting vulnerability exists in Apache Superset, a data visualization and data exploration platform from the Apache Foundation, U.S. The vulnerability stems from insufficient cleanup of user-supplied data on browser pages. An attacker could exploit the vulnerability to trick victims into clicking on a carefully crafted link and execute arbitrary HTML and script code in the user’s browser.
Related
cve
cve
CVE-2021-32609
2021-10-18 15:15:07
osv
osv
CVE-2021-32609
2021-10-18 15:15:07
PYSEC-2021-377
2021-10-18 15:15:00
Apache Superset Cross-site Scripting (XSS) vulnerability on the Explore page
2022-05-24 19:17:47
prion
prion
Design/Logic Flaw
2021-10-18 15:15:00
nvd
nvd
CVE-2021-32609
2021-10-18 15:15:07
cvelist
cvelist
CVE-2021-32609 XSS vulnerability on Explore page
2021-10-18 14:30:12
github
github
Apache Superset Cross-site Scripting (XSS) vulnerability on the Explore page
2022-05-24 19:17:47