Apache Superset is a data visualization and data exploration platform from the Apache (USA) Foundation. A cross-site scripting vulnerability exists in Apache Superset versions prior to 3.0.3, which stems from the application’s lack of effective filtering and escaping of user-supplied data, and can be exploited by an authenticated attacker to inject malicious script into a web page.