CVE-2020-11983
CVE-2020-11983
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 1.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
16 jul 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An issue was found in Apache Airflow versions 1.10.10 and below. It was discovered that many of the admin management screens in the new/RBAC UI handled escaping incorrectly, allowing authenticated users with appropriate permissions to create stored XSS attacks.
Productos afectados
Apache Software Foundation · Apache Airflow