Apache Superset is a data visualization and data exploration platform from the Apache (USA) Foundation. An input validation error vulnerability exists in Apache Superset versions prior to 3.0.0. The vulnerability stems from the presence of improper input validation, which can be exploited by an authenticated attacker to change the link to a dataset to an untrusted site by spoofing the HTTP host header, and users may be redirected to that site when clicking on that particular dataset.