Security Advisory

CVE-2020-11983

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-16 23:21:30

Last updated 2024-08-04 11:48:57

Assigner apache

State PUBLISHED

Description

An issue was found in Apache Airflow versions 1.10.10 and below. It was discovered that many of the admin management screens in the new/RBAC UI handled escaping incorrectly, allowing authenticated users with appropriate permissions to create stored XSS attacks.

← Browse all CVEs View on cve.org ↗