In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2022-11-02T00:00:00

Updated: 2024-08-03T13:47:04.602Z

Reserved: 2022-10-28T00:00:00

Link: CVE-2022-43982

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-11-02T12:15:56.050

Modified: 2022-11-03T13:52:45.707

Link: CVE-2022-43982

cve-icon Redhat

No data.