CVE-2022-43982
on github
Published
Severity
CVSS v3:
6.1 MEDIUM
CVSS v2:
N/A
Description
In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* | n/a | 2.4.2 | * |