Headline
GHSA-h63r-9xxf-f2c7: Apache Airflow Cross-site Scripting vulnerability
In Apache Airflow versions prior to 2.4.2, the “Trigger DAG with config” screen was susceptible to XSS attacks via the origin query argument.
Apache Airflow Cross-site Scripting vulnerability
Moderate severity GitHub Reviewed Published Nov 2, 2022 • Updated Nov 3, 2022
Related news
CVE-2022-43982
In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument.