Vulnerability Database
299,759
Total vulnerabilities in the database
CVE-2022-43720
An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
| Software | From | Fixed in |
|---|---|---|
| apache / superset | - | 1.5.2.x |
| apache / superset | 2.0.0-rc1 | 2.0.0-rc1.x |
| apache / superset | 2.0.0-rc2 | 2.0.0-rc2.x |
| apache / superset | 2.0.0 | 2.0.0.x |
apache-superset
|
- | 1.5.2.x |
|
apache-superset
|
2.0.0 | 2.0.0.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime