CVE-2023-30776: Apache Superset: Database connection password leak

Mon, 24 Apr 2023 08:03:41 -0700 

Description:

An authenticated user with specific data permissions could access database 
connections stored passwords by requesting a specific REST API. This issue 
affects Apache Superset version 1.3.0 up to 2.0.1.

References:

https://superset.apache.org
https://www.cve.org/CVERecord?id=CVE-2023-30776

Reply via email to