Lucene search
+L

6 matches found

Hacker One
Hacker One
added 2024/08/22 3:20 p.m.86 views

Internet Bug Bounty: CVE-2024-41937: Apache Airflow: Stored XSS Vulnerability on provider link

CVE-2024-41937: Apache Airflow: Stored XSS Vulnerability on Provider Link A stored cross-site scripting XSS vulnerability was discovered in Apache Airflow versions before 2.10.0. The vulnerability allowed the developer of a malicious provider to execute arbitrary script code when a user clicked o...

6.1CVSS5.8AI score0.01804EPSS
Exploits0
Wolfi
Wolfi
added 2024/08/21 4:15 p.m.28 views

CVE-2024-41937 vulnerabilities

Vulnerabilities for packages: airflow...

6.1CVSS7.2AI score0.01804EPSS
Exploits0
Chainguard
Chainguard
added 2024/08/21 4:15 p.m.11 views

CVE-2024-41937 vulnerabilities

Vulnerabilities for packages: airflow...

6.1CVSS6.4AI score0.01804EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/08/21 3:31 p.m.21 views

CVE-2024-41937 Apache Airflow: Stored XSS Vulnerability on provider link

Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the user to click the...

6.3AI score0.01804EPSS
Exploits0References2
OSV
OSV
added 2024/08/21 3:31 p.m.35 views

CVE-2024-41937 Apache Airflow: Stored XSS Vulnerability on provider link

Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the user to click the...

6.1CVSS6AI score0.01804EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/08/21 3:31 p.m.34 views

CVE-2024-41937 Apache Airflow: Stored XSS Vulnerability on provider link

Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the user to click the...

0.01804EPSS
Exploits0References2
Rows per page
Query Builder