CVE

CVE-2020-1932

admin

CVE-2020-1932

An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1. Authenticated Apache Superset users are able to retrieve other users’ information, including hashed passwords, by accessing an unused and undocumented API endpoint on Apache Superset.

Source: CVE-2020-1932

Exit mobile version