An authenticated user with specific data permissions could access database connections stored passwords by requesting a specific REST API. This issue affects Apache Superset version 1.3.0 up to 2.0.1.
CPE | Name | Operator | Version |
---|---|---|---|
apache-superset | ge | 1.3.0 | |
apache-superset | lt | 2.1.0 |