Lucene search
China National Vulnerability DatabaseCNVD-2023-05220HistoryJan 18, 2023 - 12:00 a.m.
Apache Superset Cross-Site Scripting Vulnerability (CNVD-2023-05220)
2023-01-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
apache
superset
cross-site scripting
vulnerability
data visualization
exploration
dashboard
markdown
attack
EPSS
0.001
Percentile
32.6%
A cross-site scripting vulnerability exists in Apache Superset, a data visualization and data exploration platform from the Apache Foundation. The vulnerability stems from a failure of the dashboard rendering to adequately clean up the content of the Markdown component, which could be exploited by an attacker to cause a cross-site scripting attack.
Related
cvelist
cvelist
CVE-2022-43717 Apache Superset: Cross-Site Scripting on dashboards
2023-01-16 10:08:04
cve
cve
CVE-2022-43717
2023-01-16 11:15:10
osv
osv
CVE-2022-43717
2023-01-16 11:15:10
Apache Superset vulnerable to Cross-site Scripting
2023-01-16 12:30:18
nvd
nvd
CVE-2022-43717
2023-01-16 11:15:10
veracode
veracode
Cross-site Scripting (XSS)
2023-01-18 02:55:19
prion
prion
Design/Logic Flaw
2023-01-16 11:15:00
github
github
Apache Superset vulnerable to Cross-site Scripting
2023-01-16 12:30:18