by @jakaba
12 May 2024

Stored XSS Vulnerability in Apache Superset (CVE-2023-49657)


CVEs

5.4 Medium Severity

Apps

Superset
SupersetApache
0.15.4.1.*
0.34.1.-
0.34.1.*
0.34.1.RC2
0.34.1.RC1
0.17.6.*
*.*
0.37.2.RC2
0.37.2.-
0.37.2.RC1


Summary

CVE-2023-49657 is a stored XSS issue in Superset that could allow malicious actors to inject client-side scripts into web pages viewed by other users.

Description
