CVE List

CVE-2020-13944

Moderate 6.1

In Apache Airflow < 1.10.12, the "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit.

Published September 17, 2020.

Affected software

Get alerts for Apache Airflow

Reference links