SSRF Vulnerability in Apache Superset 2.1.0

SSRF Vulnerability in Apache Superset 2.1.0

CVE-2023-36388 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF.

Learn more about our Cis Benchmark Audit For Apache Http Server.