CVE-2021-28125
pypi/apache-superset
URL Redirection to Untrusted Site (Open Redirect)
Apache Superset allows for the creation of an external URL that could be malicious. By not checking user input for open redirects the URL shortener functionality would allow for a malicious user to create a short URL for a dashboard that could convince the user to click the link.
All versions up to 1.0.1
Upgrade to version 1.1.0 or above.
2021-05-10
source |