PT-2020-13795 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 1.10.12 Description: The issue concerns a XSS exploit in Apache Airflow. The origin parameter passed to certain endpoints, such as /trigger, is vulnerable to this exploit. Recommendations: For versions prior t...