Apache Superset, an open-source data visualization software, is vulnerable to a flaw that could allow an attacker to perform stored cross-site scripting attacks. Tracked as CVE-2023-49657, the vulnerability has a critical severity with a CVSS score of 9.6. An attacker must be authenticated and have create/update permissions on charts or dashboards to exploit the vulnerability. An … Continue reading “Apache Superset Stored Cross-Site Scripting (XSS) Vulnerability (CVE-2023-49657)”
