9 matches found
EUVD-2020-0040
Malware in sbrugna...
BIT-AIRFLOW-2020-17515
The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions prior to 1.10.13. This is same as CVE-2020-13944 but the implemented fix in Airflow 1.10.13 did not fix the issue completely...
BIT-AIRFLOW-2021-28359 Apache Airflow Reflected XSS via Origin Query Argument in URL
The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions 1.10.15 in 1.x series and affects 2.0.0 and 2.0.1 and 2.x series. This is the same as CVE-2020-13944 & CVE-2020-17515 but the implemented fix did not fi...
Cross-site Scripting in Apache Airflow
The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions 1.10.15 in 1.x series and affects 2.0.0 and 2.0.1 and 2.x series. This is the same as CVE-2020-13944 & CVE-2020-17515 but the implemented fix did not fi...
GHSA-86VP-X3PR-79RX Apache Airflow cross-site scripting due to incomplete fix for CVE-2020-13944
The origin parameter passed to some of the endpoints like /trigger was vulnerable to XSS exploit. This issue affects Apache Airflow versions prior to 1.10.15. This is same as CVE-2020-13944 but the implemented fix in Airflow 1.10.13 did not fix the issue completely...
Apache Airflow cross-site scripting due to incomplete fix for CVE-2020-13944
The origin parameter passed to some of the endpoints like /trigger was vulnerable to XSS exploit. This issue affects Apache Airflow versions prior to 1.10.15. This is same as CVE-2020-13944 but the implemented fix in Airflow 1.10.13 did not fix the issue completely...
Design/Logic Flaw
The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions prior to 1.10.13. This is same as CVE-2020-13944 but the implemented fix in Airflow 1.10.13 did not fix the issue completely...
CVE-2020-13944
In Apache Airflow 1.10.12, the "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit...
CVE-2020-13944
The vulnerability described as CVE-2020-13944 affects Apache Airflow via a Cross‑Site Scripting (XSS) flaw in the origin parameter for some endpoints (notably /trigger) in older Airflow releases. Connected advisories reiter that the issue occurs in <1.10.12 (and related