SQL Injection Vulnerability in Apache Superset (<=1.4.2)
CVE-2022-27479 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.