Lucene search
China National Vulnerability DatabaseCNVD-2024-01021HistoryDec 21, 2023 - 12:00 a.m.
Apache Superset SQL Injection Vulnerability (CNVD-2024-0102192)
2023-12-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
18
apache superset
data visualization
data exploration
sql injection
vulnerability
authenticated
remote attacker
specially crafted sql
where_in jinja macro
apache foundation
Apache Superset is a data visualization and data exploration platform from the Apache (USA) Foundation. Apache Superset suffers from a SQL injection vulnerability that can be exploited by an authenticated, remote attacker to send specially crafted SQL statements to the where_in JINJA macro.
Related
prion
prion
Sql injection
2023-12-19 10:15:00
osv
osv
Apache Superset SQL injection vulnerability
2023-12-19 12:30:19
CVE-2023-49736
2023-12-19 10:15:08
github
github
Apache Superset SQL injection vulnerability
2023-12-19 12:30:19
nvd
nvd
CVE-2023-49736
2023-12-19 10:15:08
cvelist
cvelist
CVE-2023-49736 Apache Superset: SQL Injection on where_in JINJA macro
2023-12-19 09:33:10
veracode
veracode
SQL Injection
2023-12-20 06:51:02
cve
cve
CVE-2023-49736
2023-12-19 10:15:08