Headline
GHSA-h63r-9xxf-f2c7: Apache Airflow Cross-site Scripting vulnerability
In Apache Airflow versions prior to 2.4.2, the “Trigger DAG with config” screen was susceptible to XSS attacks via the origin query argument.
Apache Airflow Cross-site Scripting vulnerability
Moderate severity GitHub Reviewed Published Nov 2, 2022 • Updated Nov 3, 2022
Related news
CVE-2022-43982
In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument.
ghsa: Latest News
GHSA-wf8f-6423-gfxg: Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation