6 matches found
Internet Bug Bounty: CVE-2024-41937: Apache Airflow: Stored XSS Vulnerability on provider link
CVE-2024-41937: Apache Airflow: Stored XSS Vulnerability on Provider Link A stored cross-site scripting XSS vulnerability was discovered in Apache Airflow versions before 2.10.0. The vulnerability allowed the developer of a malicious provider to execute arbitrary script code when a user clicked o...
CVE-2024-41937 vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2024-41937 vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2024-41937 Apache Airflow: Stored XSS Vulnerability on provider link
Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the user to click the...
CVE-2024-41937 Apache Airflow: Stored XSS Vulnerability on provider link
Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the user to click the...
CVE-2024-41937 Apache Airflow: Stored XSS Vulnerability on provider link
Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the user to click the...