Superset
CVE-2023-43701
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
Improper payload validation and an improper REST API response type, made it possible for an authenticated malicious actor to store malicious code into Chart's metadata, this code could get executed if a user specifically accesses a specific deprecated API endpoint. This issue affects Apache Superset versions prior to 2.1.2. Users are recommended to upgrade to version 2.1.2, which fixes this issue.
AnalysisAI
Improper payload validation and an improper REST API response type, made it possible for an authenticated malicious actor to store malicious code into Chart's metadata, this code could get executed. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. Improper payload validation and an improper REST API response type, made it possible for an authenticated malicious actor to store malicious code into Chart's metadata, this code could get executed if a user specifically accesses a specific deprecated API endpoint.1.2. Users are recommended to upgrade to version 2.1.2, which fixes this issue. Affected products include: Apache Superset. Version information: prior to 2.1.2..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.
Session Validation attacks in Apache Superset versions up to and including 2.0.1. Rated critical severity (CVSS 9.8), th
An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL
Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to pos
If an attacker gains write access to the Apache Superset metadata database, they could persist a specifically crafted Py
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternati
Improper authorization check and possible privilege escalation on Apache Superset up to but excluding 2.1.2. Rated high
Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Rated critical severity (CVSS 9.8),
A where_in JINJA macro allows users to specify a quote, which combined with a carefully crafted statement would allow fo
Apache Superset up to and including 1.3.0 when configured with ENABLE_TEMPLATE_PROCESSING on (disabled by default) allow
While investigating a bug report on Apache Superset, it was determined that an authenticated user could craft requests v
In the course of work on the open source project it was discovered that authenticated users running queries against Hive
Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). Rate
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today