Lucene search
China National Vulnerability DatabaseCNVD-2023-05219HistoryJan 18, 2023 - 12:00 a.m.
Apache Superset Cross-Site Scripting Vulnerability (CNVD-2023-05219)
2023-01-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
apache
superset
cross-site scripting
0.001 Low
EPSS
Percentile
32.8%
A cross-site scripting vulnerability exists in Apache Superset, a data visualization and data exploration platform from the Apache Foundation. The vulnerability stems from a failure of the upload data form to properly render user input, which could be exploited by an attacker to cause a cross-site scripting attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache superset | le | 1.5.2 | |
| apache superset | eq | 2.0.0 |
Related
cve
cve
CVE-2022-43718
2023-01-16 11:15:10
cvelist
cvelist
osv
osv
Apache Superset is vulnerable to Cross-Site Scripting (XSS)
2023-01-16 12:30:18
CVE-2022-43718
2023-01-16 11:15:10
veracode
veracode
Cross-site Scripting (XSS)
2023-01-18 01:39:58
prion
prion
Design/Logic Flaw
2023-01-16 11:15:00
nvd
nvd
CVE-2022-43718
2023-01-16 11:15:10
github
github
Apache Superset is vulnerable to Cross-Site Scripting (XSS)
2023-01-16 12:30:18