1. Home
  2. CVEs with refmap.mlist==[airflow-users] 20201211 CVE-2020-17515: Apache Airflow Reflected XSS via Origin Parameter
Max CVSS 4.3 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-17515 4.3
The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions prior to 1.10.13. This is same as CVE-2020-13944 but the implemented fix in Airflow 1.10.13 did not fix t
06-08-2022 - 03:50 11-12-2020 - 14:15
CVE-2020-13944 4.3
In Apache Airflow < 1.10.12, the "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit.
06-08-2022 - 03:46 17-09-2020 - 14:15
Back to Top Mark selected
Back to Top