CVE-2021-45229

Published: Feb 25, 2022

Modified: Aug 4, 2024

PUBLISHED

Description

It was discovered that the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument. This issue affects Apache Airflow versions 2.2.3 and below.

Vendor	Product	Versions
Apache Software Foundation	Apache Airflow	affected `unspecified - < 2.2.4`

Weaknesses (CWE)

CWE-79

References

https://lists.apache.org/thread/phx76cgtmhwwdy780rvwhobx8qoy4bnk

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-45229

Description

Affected Products

Weaknesses (CWE)

References