Moderate severityNVD Advisory· Published Jan 16, 2023· Updated Apr 7, 2025
Apache Superset: Open Redirect Vulnerability
CVE-2022-43721
Description
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
apache-supersetPyPI | <= 1.5.2 | — |
Affected products
3- osv-coords2 versions
< 1.5.3+ 1 more
- (no CPE)range: < 1.5.3
- (no CPE)range: <= 1.5.2
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-fcg4-pm6h-9xx2ghsaADVISORY
- lists.apache.org/thread/s6sqt5jmcv6qxtvdot1t5tpt57v439kgghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2022-43721ghsaADVISORY
News mentions
0No linked articles in our index yet.