PT-2021-19806 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions up to and including 1.1 Description: The issue allows an attacker with Explore access to save a chart with a malicious title, injecting html including scripts into the page, due to incorrect sanitization of titles on...

CVE-2019-0374

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the chart title resulting in reflected Cross-Site Scripting...