4 matches found
GHSA-FXJG-28FM-PFXH Apache Superset Server-Side Request Forgery vulnerability
A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery attacks and query internal resources on behalf of the server where Superset is deployed. This vulnerability exists in...
CVE-2023-25504
A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery attacks and query internal resources on behalf of the server where Superset is deployed. This vulnerability exists in...
CVE-2023-25504
A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery attacks and query internal resources on behalf of the server where Superset is deployed. This vulnerability exists in...
PT-2023-20117 · Apache · Apache Superset
Name of the Vulnerable Software and Affected Versions: Apache Superset versions up to and including 2.0.1 Description: A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature to conduct Server-Side Request Forgery attacks...