PT-2021-16724 · Apache · Apache Druid
Name of the Vulnerable Software and Affected Versions: Apache Druid versions 0.20.0 and earlier Description: The issue allows an authenticated user to send a specially-crafted request that forces Apache Druid to run user-provided JavaScript code for that request, regardless of server configuratio...