QwikSec

Security Database

CVE

CWE

Training

CVE-2024-43115

Published: Sep 3, 2025

Modified: Nov 4, 2025

PUBLISHED

Description

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue.

Vendor	Product	Versions
Apache Software Foundation	Apache DolphinScheduler	affected `0 - < 3.2.2`

Weaknesses (CWE)

References

https://lists.apache.org/thread/qm36nrsv1vrr2j4o5q2wo75h3686hrnj

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.