6 matches found
CVE-2023-25504
A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery attacks and query internal resources on behalf of the server where Superset is deployed. This vulnerability exists in...
CVE-2023-25504
creationtimestamp| type| source ---|---|--- 2023-04-17 20:41:10+00:00| seen| https://t.me/cibsecurity/62293...
CVE-2023-25504
A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery attacks and query internal resources on behalf of the server where Superset is deployed. This vulnerability exists in...
CVE-2023-25504
A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery attacks and query internal resources on behalf of the server where Superset is deployed. This vulnerability exists in...
CVE-2023-25504
Apache Superset (up to and including version 2.0.1) is affected by a Server-Side Request Forgery (SSRF) vulnerability that can be exploited by an authenticated user with specific permissions through the import dataset feature to query internal resources on the server where Superset runs. The cite...
CVE-2023-25504 Apache Superset: Possible SSRF on import datasets
A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery attacks and query internal resources on behalf of the server where Superset is deployed. This vulnerability exists in...