CVE-2021-42250
published 2021-11-17CVE-2021-42250: Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | superset | < 1.3.2 | 1.3.2 |
| apache_software_foundation | apache_superset | Apache Superset – 1.3.1 | — |