CVE-2021-42250

Improper Encoding or Escaping of Output in pypi/apache-superset

Identifiers

CVE-2021-42250

Package Slug

pypi/apache-superset

Vulnerability

Improper Encoding or Escaping of Output

Description

Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs.

Affected Versions

All versions before 1.3.2

Solution

Upgrade to version 1.3.2 or above.

Last Modified

2021-11-19

source