Cross-site Scripting (XSS)

apachesuperset is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly render user inputs via the Upload data forms endpoint, allowing an authenticated attacker with database connection update permissions to inject and execute malicious JavaScript...

PT-2023-14303 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions 1.5.2 and prior Apache Superset version 2.0.0 Description: The issue arises from upload data forms not correctly rendering user input, leading to possible XSS attack vectors. These attacks can be performed by...