An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record.
Title | Published | Family |
---|---|---|
CVE-2022-43720 | 16 Jan 2023 11:15 | nvd |
Apache Superset vulnerable to Injection | 16 Jan 2023 12:30 | osv |
CVE-2022-43720 | 16 Jan 2023 11:15 | osv |
BIT-SUPERSET-2022-43720 | 5 Feb 2025 07:28 | osv |
Design/Logic Flaw | 16 Jan 2023 11:15 | prion |
CVE-2022-43720 Apache Superset: Improper rendering of user input | 16 Jan 2023 10:10 | vulnrichment |
Cross-site Scripting (XSS) | 18 Jan 2023 04:06 | veracode |
Apache Superset vulnerable to Injection | 16 Jan 2023 12:30 | github |
CVE-2022-43720 Apache Superset: Improper rendering of user input | 16 Jan 2023 10:10 | cvelist |
[
{
"defaultStatus": "unaffected",
"product": "Apache Superset",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.0.1",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]
Source | Link |
---|---|
lists | www.lists.apache.org/thread/jts6x56kghr9mbowb653bk70pl81jp8l |