CVE-2022-43717
- Source
- https://cve.org/CVERecord?id=CVE-2022-43717
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-43717.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-43717
- Aliases
- Published
- 2023-01-16T11:15:10.370Z
- Modified
- 2026-03-14T11:55:31.286539Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
- References
Affected packages
Git / github.com/apache/superset
Affected ranges
- Type
- GIT
- Repo
- https://github.com/apache/superset
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "1.5.2" }, { "introduced": "0" }, { "last_affected": "2.0.0-NA" }, { "introduced": "0" }, { "last_affected": "2.0.0-rc1" }, { "introduced": "0" }, { "last_affected": "2.0.0-rc2" } ] }
Affected versions
0.*
0.10.0
0.11.0
0.12.0
0.13.1
0.13.2
0.14.1
0.15.0
0.15.1
0.15.3
0.15.4
0.15.4.1
0.16.0
0.16.1
0.17.0
0.17.1
0.17.2
0.17.3
0.17.4
0.17.5
0.17.6
0.18.2
0.18.3
0.18.4
0.18.5
0.19.1
0.2.1
0.20.1
0.25-fork
0.29.0rc1
0.4.0
0.5.0
0.5.1
0.5.2
0.5.3
0.6.0
0.6.1
0.7.0
0.8.0
0.8.3
0.8.4
0.8.5
0.8.6
0.8.7
0.8.8
0.8.9
0.9.0
0.9.1
1.*
1.5.0
1.5.0rc1
1.5.0rc2
1.5.0rc3
1.5.0rc4
1.5.1
1.5.1rc1
1.5.2
1.5.2rc1
1.5.2rc2
1.5.2rc3
2.*
2.0.0
2.0.0rc1
2.0.0rc2
2020.*
2020.51.1
airbnb_prod.*
airbnb_prod.0.10.0.2
airbnb_prod.0.11.0.1
airbnb_prod.0.11.0.2
airbnb_prod.0.11.0.3
airbnb_prod.0.11.0.4
airbnb_prod.0.11.0.5
airbnb_prod.0.11.0.6
airbnb_prod.0.12.0.1
airbnb_prod.0.12.1.0
airbnb_prod.0.13.0.0
airbnb_prod.0.13.0.1
airbnb_prod.0.13.0.2
airbnb_prod.0.13.0.3
airbnb_prod.0.15.0.1
airbnb_prod.0.15.4.1
airbnb_prod.0.15.4.2
airbnb_prod.0.15.5.0
Other
dummy
rm
test_tag
superset-helm-chart-0.*
superset-helm-chart-0.1.0
superset-helm-chart-0.1.1
superset-helm-chart-0.1.2
superset-helm-chart-0.1.3
superset-helm-chart-0.1.4
superset-helm-chart-0.1.5
superset-helm-chart-0.1.6
superset-helm-chart-0.2.0
superset-helm-chart-0.2.1
superset-helm-chart-0.3.0
superset-helm-chart-0.3.1
superset-helm-chart-0.3.10
superset-helm-chart-0.3.11
superset-helm-chart-0.3.12
superset-helm-chart-0.3.2
superset-helm-chart-0.3.3
superset-helm-chart-0.3.4
superset-helm-chart-0.3.5
superset-helm-chart-0.3.6
superset-helm-chart-0.3.7
superset-helm-chart-0.3.8
superset-helm-chart-0.3.9
superset-helm-chart-0.4.0
superset-helm-chart-0.5.0
superset-helm-chart-0.5.1
superset-helm-chart-0.5.10
superset-helm-chart-0.5.2
superset-helm-chart-0.5.3
superset-helm-chart-0.5.4
superset-helm-chart-0.5.5
superset-helm-chart-0.5.6
superset-helm-chart-0.5.7
superset-helm-chart-0.5.8
superset-helm-chart-0.5.9
superset-helm-chart-0.6.0
superset-helm-chart-0.6.1
superset-helm-chart-0.6.2
superset-helm-chart-0.6.3
v2020.*
v2020.51.0
v2021.*
v2021.10.0
v2021.13.0
v2021.15.0
v2021.17.0
v2021.18.0
v2021.19.0
v2021.20.0
v2021.21.0
v2021.22.0
v2021.23.0
v2021.23.1
v2021.24.0
v2021.25.0
v2021.27.0
v2021.27.1
v2021.29.0
v2021.3.0
v2021.31.0
v2021.34.0
v2021.35.0
v2021.36.0
v2021.36.5
v2021.38.0
v2021.40.0
v2021.41.0
v2021.5.0
v2021.5.1
v2021.6.0
v2021.7.0
v2021.8.0
v2021.9.0
v2021.9.4