Lucene search
China National Vulnerability DatabaseCNVD-2021-94965HistoryOct 19, 2021 - 12:00 a.m.
Apache Superset SQL Injection Vulnerability
2021-10-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
17
apache superset
sql injection
vulnerability
authentication
http request
EPSS
0.001
Percentile
34.2%
Apache Superset is a modern, enterprise-class business intelligence Web application. a SQL injection vulnerability exists in Apache Superset 1.3.0 and earlier versions when ENABLE_TEMPLATE_PROCESSING is enabled. An authenticated attacker can exploit this vulnerability to conduct SQL injection attacks by sending an http request with a custom URL.
Related
osv
osv
Apache Superset SQL Injection when template processing is enabled
2022-05-24 19:17:46
CVE-2021-41971
2021-10-18 15:15:07
PYSEC-2021-378
2021-10-18 15:15:00
prion
prion
Sql injection
2021-10-18 15:15:00
cve
cve
CVE-2021-41971
2021-10-18 15:15:07
nvd
nvd
CVE-2021-41971
2021-10-18 15:15:07
cvelist
cvelist
CVE-2021-41971 Possible SQL Injection when template processing is enabled
2021-10-18 14:30:14
github
github
Apache Superset SQL Injection when template processing is enabled
2022-05-24 19:17:46