You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@superset.apache.org by Singh Arvind <pm...@gmail.com> on 2023/02/06 18:04:43 UTC
RE: CVE-2022-43719: Apache Superset: Cross Site Request Forgery (CSRF) on accept, request access API
Hi,
With reference to your mail on apache cumminity , while set-up the apache
superset on local system for company but there are coming issues after
installied all prerquestion software required on machine
That's why have need support from your end
Request you please send your contact details and email so that I can
resolve this issue as on urgent basis
And you can transfer the to respective person who can resolve it at earliest
And also looking api to connect with third party please help out the same
Regards
Arvind Kumar
On 2023/01/16 09:19:57 Daniel Gaspar wrote:
> Severity: moderate
>
> Description:
>
> Two legacy REST API endpoints for approval and request access are
vulnerable to cross site request forgery. This issue affects Apache
Superset version 1.5.2 and prior versions and version 2.0.0.
>
> Credit:
>
> Positive Technologies (finder)
>
> References:
>
> https://superset.apache.org
> https://www.cve.org/CVERecord?id=CVE-2022-43719
>
>
Re: CVE-2022-43719: Apache Superset: Cross Site Request Forgery (CSRF) on accept, request access API
Posted by multazim deshmukh <mu...@gmail.com>.
Hi Arvind,
Slack is the best place to get quick help. You can join using
http://bit.ly/join-superset-slack
On Monday, February 6, 2023, Singh Arvind <pm...@gmail.com> wrote:
> Hi,
>
> With reference to your mail on apache cumminity , while set-up the apache
> superset on local system for company but there are coming issues after
> installied all prerquestion software required on machine
> That's why have need support from your end
> Request you please send your contact details and email so that I can
> resolve this issue as on urgent basis
> And you can transfer the to respective person who can resolve it at
> earliest
> And also looking api to connect with third party please help out the same
> Regards
> Arvind Kumar
>
> On 2023/01/16 09:19:57 Daniel Gaspar wrote:
> > Severity: moderate
> >
> > Description:
> >
> > Two legacy REST API endpoints for approval and request access are
> vulnerable to cross site request forgery. This issue affects Apache
> Superset version 1.5.2 and prior versions and version 2.0.0.
> >
> > Credit:
> >
> > Positive Technologies (finder)
> >
> > References:
> >
> > https://superset.apache.org
> > https://www.cve.org/CVERecord?id=CVE-2022-43719
> >
> >
>
--
Regards
Multazim Deshmukh
https://www.linkedin.com/in/multazim-deshmukh-a5b68429/