SQL Injection Vulnerability in Apache Superset (<=1.4.2)

SQL Injection Vulnerability in Apache Superset (<=1.4.2)

CVE-2022-27479 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.