Log Injection Vulnerability in Apache Superset

Log Injection Vulnerability in Apache Superset

CVE-2021-42250 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs.

Learn more about our Cis Benchmark Audit For Apache Http Server.