CVE-2020-13944
pypi/apache-airflow
Cross-site Scripting
In Apache Airflow, the origin parameter passed to endpoints like /trigger is vulnerable to XSS.
origin
/trigger
All versions before 1.10.12
Upgrade to version 1.10.12 or above.
2020-09-22