CVE-2023-50270

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-50270
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-50270.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-50270
Aliases
Published
2024-02-20T10:15:08Z
Modified
2024-10-08T03:55:10.112191Z
Summary
[none]
Details

Session Fixation Apache DolphinScheduler before version 3.2.0, which session is still valid after the password change.

Users are recommended to upgrade to version 3.2.1, which fixes this issue.

References

Affected packages

Git / github.com/apache/dolphinscheduler

Affected ranges

Type
GIT
Repo
https://github.com/apache/dolphinscheduler
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
f64b254809f21f811eaef780d489a43b490ca327

Affected versions

1.*

1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.1.0-preview
1.3.1
1.3.3

Other

test