CVE-2022-43982
Apache Airflow prior to 2.4.2 allows reflected XSS via Origin Query Argument in URL
In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Produtos afetados
Apache Software Foundation · Apache AirflowQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →