Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-43982


In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument.


Published

2022-11-02T12:15:56.050

Last Modified

2025-05-02T21:15:23.173

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-79
  • Type: Primary
    CWE-79

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application apache airflow < 2.4.2 Yes

References