CVE-2021-42250: Improper Encoding or Escaping of Output in Apache Superset
(updated )
Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs.
References
Detect and mitigate CVE-2021-42250 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →