Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2024-01016
HistoryDec 25, 2023 - 12:00 a.m.

Apache Airflow Cross-Site Scripting Vulnerability (CNVD-2024-0101622)

2023-12-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
apache airflow
xss
cross-site scripting
vulnerability
user-supplied data
filtering
escaping

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

43.6%

Apache Airflow is the United States Apache (Apache) Foundation’s set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. Apache Airflow Apache Airflow cross-site scripting vulnerability , the vulnerability stems from the application of the user-supplied data lack of effective filtering and escaping , an attacker can exploit the vulnerability through the injection of a well-designed payload to execute arbitrary Web script or HTML.

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

43.6%