First published: Wed Apr 10 2019(Updated: )
A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views.
Credit: security@apache.org security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
pip/apache-airflow | <1.10.3 | 1.10.3 |
Apache Airflow | <=1.10.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.