CVE-2022-43718: Apache Superset: Cross-Site Scripting vulnerability on upload forms

[Daniel Gaspar <dpgaspar () apache org>]

Description:

Upload data forms do not correctly render user input leading to possible XSS attack vectors that can be performed by 
authenticated users with database connection update permissions. This issue affects Apache Superset version 1.5.2 and 
prior versions and version 2.0.0.

Credit:

Positive Technologies (finder)

References:

https://superset.apache.org
https://www.cve.org/CVERecord?id=CVE-2022-43718