=====================================================================
                            CERT-Renater

                Information Note No. 2021/VULN541
_____________________________________________________________________

DATE                 : 18/10/2021

HARDWARE PLATFORM(S) : /

OPERATING SYSTEM(S)  : Systems running Apache Superset versions prior
                       to 1.3.1.

=====================================================================
http://mail-archives.apache.org/mod_mbox/superset-dev/202110.mbox/%3ca954ec68-a17a-2292-f54d-8b043277adab@apache.org%3e
http://mail-archives.apache.org/mod_mbox/superset-dev/202110.mbox/%3cd0e2c42e-49e9-05a2-6157-2d652a455f53@apache.org%3e
_____________________________________________________________________

CVE-2021-41971: Apache Superset: Possible SQL Injection when template
processing is enabled

Date: Fri, 15 Oct 2021 13:06:39 +0000

Severity: low

Description:

Apache Superset up to and including 1.3.0 when configured with
ENABLE_TEMPLATE_PROCESSING on (disabled by default) allowed SQL
injection when a malicious authenticated user sends an HTTP request
with a custom URL.

Mitigation:

Don't enable ENABLE_TEMPLATE_PROCESSING (disabled by default), or
upgrade to Apache Superset 1.3.1.

Credit:

Apache Superset would like to thank Kevin Kusnardi for reporting this
issue.

_____________________________________________________________________

CVE-2021-32609: Apache Superset: XSS vulnerability on Explore page

Date: Fri, 15 Oct 2021 13:02:54 GMT

Description:

Apache Superset up to and including 1.1 does not sanitize titles
correctly on the Explore page. This allows an attacker with Explore
access to save a chart with a malicious title, injecting HTML
(including scripts) into the page.

Credit:

Apache Superset team would like to thank Oscar Arnflo for reporting
this issue.

=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email:cert@support.renater.fr   +
=========================================================
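
Added example (not part of the advisory or of Apache Superset's code): a static check for the CVE-2021-41971 precondition, that is, a version before 1.3.1 together with ENABLE_TEMPLATE_PROCESSING switched on. It assumes the flag is set as a literal entry of a FEATURE_FLAGS dict in superset_config.py; the function names and sample configurations are constructed for illustration.

```python
import ast
import re

FIXED = (1, 3, 1)  # first release the advisory lists as fixed
FLAG = "ENABLE_TEMPLATE_PROCESSING"

def parse_version(text):
    """'1.3.0' -> (1, 3, 0); '1.1' -> (1, 1, 0). Pre-release suffixes are ignored."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(part or 0) for part in m.groups())

def template_processing_enabled(config_source):
    """Read the flag from config text with ast; the config is never executed."""
    enabled = False  # advisory: disabled by default
    for node in ast.parse(config_source).body:
        if isinstance(node, ast.Assign):
            targets = node.targets
        elif isinstance(node, ast.AnnAssign):
            targets = [node.target]
        else:
            continue
        if not any(isinstance(t, ast.Name) and t.id == "FEATURE_FLAGS" for t in targets):
            continue
        if not isinstance(node.value, ast.Dict):
            raise ValueError("FEATURE_FLAGS is not a literal dict; review by hand")
        for key, value in zip(node.value.keys, node.value.values):
            if isinstance(key, ast.Constant) and key.value == FLAG:
                if not isinstance(value, ast.Constant):
                    raise ValueError(f"{FLAG} is computed at runtime; review by hand")
                enabled = bool(value.value)  # a later assignment overrides an earlier one
    return enabled

def exposed_to_cve_2021_41971(version, config_source):
    """True only when both conditions named in the advisory hold."""
    return parse_version(version) < FIXED and template_processing_enabled(config_source)

# Constructed sample configurations (assumed superset_config.py layout).
WEAK_CONFIG = 'FEATURE_FLAGS = {"ENABLE_TEMPLATE_PROCESSING": True, "ALERT_REPORTS": False}\n'
DEFAULT_CONFIG = 'ROW_LIMIT = 5000\nFEATURE_FLAGS = {"ALERT_REPORTS": True}\n'

if __name__ == "__main__":
    for ver, cfg in [("1.3.0", WEAK_CONFIG), ("1.3.1", WEAK_CONFIG), ("1.3.0", DEFAULT_CONFIG)]:
        print(ver, "exposed" if exposed_to_cve_2021_41971(ver, cfg) else "not exposed")
```

A configuration that builds FEATURE_FLAGS dynamically (imports, environment variables) raises ValueError instead of returning a guess, so it gets a manual review.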