CVE Published: 16/01/2023 |
CVE Updated: 03/08/2024 |
CVE Year: 2022 Source: apache |
Vendor: Apache Software Foundation |
Product: Apache Superset Status : PUBLISHED
CVE-2022-43717 Description
Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.