CVE-2022-43721
pypi/superset
URL Redirection to Untrusted Site ('Open Redirect')
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
All versions up to 1.5.2, version 2.0.0
Unfortunately, there is no solution available yet.
2023-01-25
source |