CVE-2021-28125

CVE-2021-28125

Apache Superset up to and including 1.0.1 allowed for the creation of an external URL that could be malicious. By not checking user input for open redirects the URL shortener functionality would allow for a malicious user to create a short URL for a dashboard that could convince the user to click the link.

Source: CVE-2021-28125

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다