Headline
GHSA-7222-r37x-8q3m: Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints
Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints
Moderate severity GitHub Reviewed Published Jan 16, 2023 • Updated Jan 20, 2023
Related news
CVE-2022-43719
Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.