CVE

CVE-2021-37839

CVE-2021-37839

Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.

Source: CVE-2021-37839

Exit mobile version