Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/xc309h2dphrkg33154djf3nqlh2xc1c0 | Mailing List Vendor Advisory |
https://lists.apache.org/thread/xc309h2dphrkg33154djf3nqlh2xc1c0 | Mailing List Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:27
Type | Values Removed | Values Added |
---|---|---|
References | () https://lists.apache.org/thread/xc309h2dphrkg33154djf3nqlh2xc1c0 - Mailing List, Vendor Advisory |
07 Nov 2023, 03:54
Type | Values Removed | Values Added |
---|---|---|
Summary | Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. |
Information
Published : 2023-01-16 11:15
Updated : 2024-11-21 07:27
NVD link : CVE-2022-43719
Mitre link : CVE-2022-43719
CVE.ORG link : CVE-2022-43719
JSON object : View
Products Affected
apache
- superset
CWE
CWE-352
Cross-Site Request Forgery (CSRF)