17 matches found
Information Disclosure
apachesuperset is vulnerable to Information Disclosure. The vulnerability is due to improper handling of error messages, exposing sensitive analytics metadata, which allows an attacker to gain access to this information, potentially aiding in further attacks or revealing system details...
Stored Cross Site Scripting (XSS)
apachesuperset is vulnerable to Stored Cross Site Scripting XSS. An authenticated attacker with create or update permissions on charts or dashboards could store a malicious script or add a specific HTML snippet, resulting in Stored Cross Site Scripting XSS...
Denial Of Service (DoS)
apachesuperset is vulnerable to Denial Of Service. The vulnerability is caused by a lack size checks for each file within a ZIP archive. This allows an attacker to upload a maliciously crafted ZIP file such as a ZIP bomb or an oversized file, and upon decompression. This flaw can result in...
Denial Of Service (DoS)
apachesuperset is vulnerable to Denial Of Service DoS. The vulnerability is caused by a lack rate limiting in the API and dashboard functionalities. An attacker with authenticated access, could exploit this vulnerability by initiating multiple concurrent requests for dashboard exports. This can...
Deserialization Of Untrusted Data
apachesuperset is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to improper object sanitization; if an unauthorized attacker was to obtain write access to the metadata database of Apache Superset, they could persist a specifically crafted Python object that results in...
Authentication Bypass
apachesuperset is vulnerable to Authentication Bypass. The vulnerability is due to a default secret key in which allows an attacker to authenticate and access unauthorized resources when the default configuration of SECRETKEY is not altered according to the installation instructions...
Information Disclosure
apachesuperset is vulnerable to Information Disclosure. A remote authenticated attacker is able to gain access to metadata information using non trivial methods, resulting in disclosure of sensitive information...
Improper Access Control
apachesuperset is vulnerable to Improper Access Control. The vulnerability exists in api.py due to explicitly enabling the DASHBOARDCACHE feature which allows an unauthenticated user to access dashboard configuration metadata using a rest api GET endpoint...
Cross-site Scripting (XSS)
apachesuperset is vulnerable to Cross-Site Scripting XSS attacks. The library does not sufficiently sanitize the content of markdown components, which allows an attacker with dashboard "create" permissions to inject and execute malicious JavaScript due to the dashboard rendering mechanism failing...
Information Disclosure
apachesuperset is vulnerable to Information Disclosure. A remote authenticated attacker with read access to a specific database can add subqueries to the WHERE and HAVING fields, resulting in references to tables on the same database that the attacker should not have access to. The perimeter to...
Cross-site Scripting (XSS)
apachesuperset is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly render user inputs via the Upload data forms endpoint, allowing an authenticated attacker with database connection update permissions to inject and execute malicious JavaScript...
Information Disclosure
apachesuperset is vulnerable to information disclosure. The vulnerability exists in apply function in base.py because the permission to access metadata is not properly handled which allows an attacker to gain access to sensitive information such as dataset name, columns and metrics...
SQL Injection
apachesuperset is vulnerable to SQL injection. An attacker is able to inject malicious SQL via chart data requests...
Information Disclosure
apachesuperset is vulnerable to information disclosure. The vulnerability exists due to a lack of sanitization of the output of the password during database connection allowing an attacker to access password via the database...
Open Redirection
apachesuperset is vulnerable to open redirection. The vulnerability exists due to the lack of validation in the short URL which would allow an attacker to redirect a user to a malicious website...
Remote Code Execution (RCE)
apachesuperset is vulnerable to remote code execution RCE. Failure to validate a number of templated text fields allows an authenticated user to send malicious requests and gain access to Pythons os package in the web application process and access files, environment variables and process...
Information Disclosure
apachesuperset is vulnerable to information disclosure. The leakage exists because an authenticated user is allowed to access other users' sensitive information via unused and undocumented API endpoints...