CVE-2023-40610 | Apache Superset up to 2.1.2 CTE authorization

Posted by Angelo Barbosa | Nov 27, 2023 | CVE

A vulnerability was found in Apache Superset up to 2.1.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component CTE Handler. The manipulation leads to incorrect authorization.

This vulnerability is known as CVE-2023-40610. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-40610 | Apache Superset up to 2.1.2 CTE authorization

Related Posts

CVE-2024-32487 | less up to 653 File Name filename.c LESSOPEN os command injection

CVE-2024-3099 | MLflow up to 2.11.1 undefined behavior for input to api

CVE-2024-5121 | SourceCodester Event Registration System 1.0 e cross site scripting

CVE-2024-23191 | Open-Xchange OX App Suite up to 7.10.6-rev40 cross site scripting (adv-2024-0001)