Vulnerability Database

Published: Feb 20, 2024
Updated: Nov 16, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-50270" target="_blank" rel="noopener"> CVE-2023-50270
GHSA: <a href="https://github.com/advisories/GHSA-vjqc-g788-f378" target="_blank" rel="noopener"> GHSA-vjqc-g788-f378
Severity: Medium
Exploit:

308,485

Total vulnerabilities in the database

Session Fixation Apache DolphinScheduler before version 3.2.0, which session is still valid after the password change.

Users are recommended to upgrade to version 3.2.1, which fixes this issue.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
org.apache.dolphinscheduler / dolphinscheduler	1.3.8	3.2.1
apache / dolphinscheduler	1.3.8	3.2.1

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.