2 matches found
Cross site request forgery (csrf)
Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...
PT-2023-14667
Name of the Vulnerable Software and Affected Versions Apache Superset versions 1.5.2 and prior Apache Superset version 2.0.0 Description The system allowed an unauthenticated user to access dashboard configuration metadata using a REST API Get endpoint when the feature flag DASHBOARD CACHE was...