Vulnerability CVE-2022-43717


Published: 2023-01-16

Description:
Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://lists.apache.org/thread/g6zy6vkpvkbj5mj32vmyzwol5ldtg9pl

Copyright 2026, cxsecurity.com

 

Back to Top