CVE-2023-30776

Publication date

2023-04-24 15:29:53

Family

apache

State

PUBLISHED

Description

An authenticated user with specific data permissions could access database connections stored passwords by requesting a specific REST API. This issue affects Apache Superset version 1.3.0 up to 2.0.1.