Share:

CVE-2021-45229 - Apache Airflow

February 25, 2022

Moderate 6.1

It was discovered that the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument. This issue affects Apache Airflow versions 2.2.3 and below.

Affected software

Apache Airflow

Reference links

https://lists.apache.org/thread/phx76cgtmhwwdy780rvwhobx8qoy4bnk

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.