CVE-2021-41971 in Superset
要約
〜によって MITRE • 2021年10月18日
Apache Superset up to and including 1.3.0 when configured with ENABLE_TEMPLATE_PROCESSING on (disabled by default) allowed SQL injection when a malicious authenticated user sends an http request with a custom URL.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.