Lucene search
K

26 matches found

CNNVD
CNNVD
added 2020/12/11 12:0 a.m.7 views

Apache Airflow 跨站脚本漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. Apache Airflow cross-site scripting vulnerability , the vulnerability stems from...

6.1CVSS6.6AI score0.16028EPSS
Exploits0References12
CNVD
CNVD
added 2020/09/18 12:0 a.m.3 views

Apache Airflow Cross-Site Scripting Vulnerability (CNVD-2020-52628)

Apache Airflow is an open source tool for orchestrating complex computational workflows and data processing pipelines. A cross-site scripting vulnerability exists in the 'origin' parameter passed to certain endpoints in Apache Airflow versions prior to 1.10.12. No detailed vulnerability details a...

6.1CVSS6.2AI score0.25076EPSS
Exploits0References1
PyPA
PyPA
added 2020/09/17 2:15 p.m.6 views

PYSEC-2020-19

In Apache Airflow 1.10.12, the "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit...

6.1CVSS6.4AI score0.25076EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2020/09/17 2:1 p.m.33 views

CVE-2020-13944

In Apache Airflow 1.10.12, the "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit...

5.8AI score0.25076EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2020/09/17 12:0 a.m.2 views

PT-2020-13795 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 1.10.12 Description: The issue concerns a XSS exploit in Apache Airflow. The origin parameter passed to certain endpoints, such as /trigger, is vulnerable to this exploit. Recommendations: For versions prior t...

6.1CVSS6AI score0.25076EPSS
Exploits0References35
CNVD
CNVD
added 2015/04/27 12:0 a.m.3 views

Dokeos 'forum' and 'origin' cross-site scripting vulnerabilities

Dokeos is an open source online education and course management system . The system supports file uploading , courseware production , notification and other teaching support functions. Dokeos 1.8.4 and previous versions of cross-site scripting vulnerabilities , the vulnerability stems from...

4.3CVSS6.4AI score0.01765EPSS
Exploits1References1
Rows per page
Query Builder