CVE-2021-41971 in Supersetinformación

Resumen

por MITRE • 2021-10-18

Apache Superset up to and including 1.3.0 when configured with ENABLE_TEMPLATE_PROCESSING on (disabled by default) allowed SQL injection when a malicious authenticated user sends an http request with a custom URL.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservar

2021-10-04

Divulgación

2021-10-18

Moderación

aceptado

Artículo

VDB-184546

CPE

listo

EPSS

0.01709

KEV

no

Actividades

muy bajo

Fuentes

Interested in the pricing of exploits?

See the underground prices here!