GHSA-7222-r37x-8q3m
GitHub Security Advisory
Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints
✓ GitHub Reviewed
HIGH
Has CVE
Advisory Details
Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
Affected Packages
PyPI
apache-superset
Affected versions:
0
(last affected: 1.5.2)
PyPI
apache-superset
Related CVEs
Key Information
7.5
/10
Dataset
Last updated: July 27, 2025 6:35 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.