CVE-2021-45229
Description
It was discovered that the "Trigger DAG with config" screen was susceptible to XSS attacks via the origin query argument. This issue affects Apache Airflow versions 2.2.3 and below.
Risk Information
Base Score
6.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
1.563
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-45229 are fixed in Python-apache-airflow 2.2.4rc1 | Windows |
| Vulnerabilities CVE-2021-45229 are fixed in Python-apache-airflow for linux 2.2.4rc1 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234