Jan 16, 2023 - 10:10 a.m.

CVE-2022-43721 Apache Superset: Open Redirect Vulnerability

2023-01-16 10:10:52
CWE-601
apache
www.cve.org
apache superset
open redirect
authenticated attacker
untrusted site
dataset link

EPSS: 0.001

Percentile: 45.9%

An authenticated attacker with update datasets permission could change a dataset link to point to an untrusted site; users could then be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Apache Superset",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "2.0.1",
        "status": "affected",
        "version": "2.0.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "1.5.2",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]
