CVE-2022-43721

URL Redirection to Untrusted Site ('Open Redirect') in pypi/superset

Identifiers

CVE-2022-43721

Package Slug

pypi/superset

Vulnerability

URL Redirection to Untrusted Site ('Open Redirect')

Description

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.

Affected Versions

All versions up to 1.5.2, version 2.0.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-01-25

source