PYSEC-2020-23
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/apache-airflow/PYSEC-2020-23.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2020-23
- Aliases
- Published
- 2020-07-17T00:15:00Z
- Modified
- 2023-12-06T01:00:42.851900Z
- Summary
- [none]
- Details
-
An issue was found in Apache Airflow versions 1.10.10 and below. A stored XSS vulnerability was discovered in the Chart pages of the the "classic" UI.
- References
Affected packages
PyPI / apache-airflow
Package
- Name
- apache-airflow
- View open source insights on deps.dev
- Purl
- pkg:pypi/apache-airflow
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.10.11rc1
Affected versions
1.*
1.8.1
1.8.2rc1
1.8.2
1.9.0
1.10.0
1.10.1b1
1.10.1rc2
1.10.1
1.10.2b2
1.10.2rc1
1.10.2rc2
1.10.2rc3
1.10.2
1.10.3b1
1.10.3b2
1.10.3rc1
1.10.3rc2
1.10.3
1.10.4b2
1.10.4rc1
1.10.4rc2
1.10.4rc3
1.10.4rc4
1.10.4rc5
1.10.4
1.10.5rc1
1.10.5
1.10.6rc1
1.10.6rc2
1.10.6
1.10.7rc1
1.10.7rc2
1.10.7rc3
1.10.7
1.10.8rc1
1.10.8
1.10.9rc1
1.10.9
1.10.10rc1
1.10.10rc2
1.10.10rc3
1.10.10rc4
1.10.10rc5
1.10.10