cve/2022/CVE-2022-43719.md

### [CVE-2022-43719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43719)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20Superset&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%202.0.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen)

### Description

Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/karimhabush/cyberowl
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2022-43719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43719)`
			`![](https://img.shields.io/static/v1?label=Product&message=Apache%20Superset&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%202.0.0%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen)`

			`### Description`

			`Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/karimhabush/cyberowl`