CVE-2023-36387

Publication date

2023-09-06 12:19:39

Family

apache

State

PUBLISHED

Description

An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.