CVE-2025-68645

A Local File Inclusion LFI vulnerability exists in the Webmail Classic UI of Zimbra Collaboration ZCS 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influenc...

Apache Airflow Cross-Site Scripting Vulnerability (CNVD-2020-44095)

Apache Airflow is the United States Apache Apache Software Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A cross-site scripting vulnerability exists in the Chart page of the...

PYSEC-2020-23

An issue was found in Apache Airflow versions 1.10.10 and below. A stored XSS vulnerability was discovered in the Chart pages of the the "classic" UI...

PT-2020-20695 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 1.10.10 and below Description: A stored XSS issue was discovered in the Chart pages of the "classic" UI. Recommendations: For Apache Airflow versions 1.10.10 and below, update to a version above 1.10.10 to resolve the...