CVE-2020-11983
CVE-2020-11983
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 1.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
16 jul 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
An issue was found in Apache Airflow versions 1.10.10 and below. It was discovered that many of the admin management screens in the new/RBAC UI handled escaping incorrectly, allowing authenticated users with appropriate permissions to create stored XSS attacks.
Produtos afetados
Apache Software Foundation · Apache Airflow