Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:36 a.m.12 views

CVE-2021-41971

Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...

8.8CVSS7.6AI score0.01709EPSS
Exploits0References1
NVD
NVD
added 2021/10/18 3:15 p.m.27 views

CVE-2021-41971

Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...

8.8CVSS0.01709EPSS
Exploits0References1
OSV
OSV
added 2021/10/18 3:15 p.m.27 views

CVE-2021-41971

Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...

8.8CVSS9AI score
Exploits0References1
CVE
CVE
added 2021/10/18 2:30 p.m.89 views

CVE-2021-41971

Apache Superset versions up to 1.3.0 are affected by an SQL injection vulnerability when ENABLE_TEMPLATE_PROCESSING is enabled. The issue arises in template processing logic that processes a malicious HTTP request with a crafted URL, leading to potential SQL injection. Several sources (NVD, OSV, ...

8.8CVSS8.9AI score0.01709EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/18 2:30 p.m.38 views

CVE-2021-41971 Possible SQL Injection when template processing is enabled

Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...

9.2AI score0.01709EPSS
Exploits0References1
Rows per page
Query Builder