Create Apache_Superset_Cookie_Permission_Bypass_Vulnerability_(CVE-2023-30776).md

Goby 2023-10-10 13:03:10 +08:00 committed by GitHub
parent e5d2039a16
commit e4f66c3bfb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -0,0 +1,13 @@
## Apache Superset Cookie Permission Bypass Vulnerability (CVE-2023-30776)
| **Vulnerability** | Apache Superset Cookie Permission Bypass Vulnerability (CVE-2023-30776) |
| :----: | :-----|
| **Chinese name** | Apache Superset Cookie 权限绕过漏洞CVE-2023-27524 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [app="APACHE-Superset"](https://en.fofa.info/result?qbase64=KHRpdGxlPSJTdXBlcnNldCIgJiYgKGJvZHk9ImFwcGJ1aWxkZXIiIHx8IGJvZHk9IjxpbWcgc3JjPVwiaHR0cHM6Ly9qb2luc3VwZXJzZXQuY29tL2ltZy9zdXBlcnNldGxvZ292ZWN0b3Iuc3ZnIikpIHx8IGJvZHk9IjxhIGhyZWY9XCJodHRwczovL21hbmFnZS5hcHAtc2R4LnByZXNldC5pb1wiIGNsYXNzPVwiYnV0dG9uXCI%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%3D%3D)|
| **Number of assets affected** | 56089 |
| **Description** | Apache Superset is an open source modern data exploration and visualization platform.Apache Superset Cookie has a permission bypass vulnerability that allows an attacker to control the entire system, ultimately leaving the system in an extremely unsafe state. |
| **Impact** | Apache Superset Cookie has a permission bypass vulnerability that allows an attacker to control the entire system, ultimately leaving the system in an extremely unsafe state. |
![](https://s3.bmp.ovh/imgs/2023/10/10/ec147824884d3597.gif)
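
Review bot: The "Chinese name" row cites CVE-2023-27524, while the heading, the "Vulnerability" row and the file name all say CVE-2023-30776. Confirm which identifier this entry documents and use it consistently, since anyone triaging from this table would otherwise track the wrong advisory. In the same table, "CVSS core" should read "CVSS score", and the "Impact" row repeats the second sentence of "Description" word for word without naming affected versions, a fixed release or any mitigation, so a defender cannot tell from this entry whether a given deployment is exposed or what to upgrade to. The "Description" cell also needs a space after "platform." and the trailing image has empty alt text, so a short caption saying what the GIF shows would help.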