5 matches found
CVE-2021-41971
Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...
CVE-2021-41971
Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...
CVE-2021-41971
Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...
CVE-2021-41971
Apache Superset versions up to 1.3.0 are affected by an SQL injection vulnerability when ENABLE_TEMPLATE_PROCESSING is enabled. The issue arises in template processing logic that processes a malicious HTTP request with a crafted URL, leading to potential SQL injection. Several sources (NVD, OSV, ...
CVE-2021-41971 Possible SQL Injection when template processing is enabled
Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...