mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
860 B
860 B
CVE-2023-42501
Description
Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations.This issue affects Apache Superset: before 2.1.2.Users should upgrade to version or above 2.1.2 and run superset init to reconstruct the Gamma role or remove can_read permission from the mentioned resources.
POC
Reference
No PoCs from references.