Lucene search
HistoryMay 08, 2023 - 10:15 a.m.
CVE-2023-29247
task instance page
ui
stored xss
apache airflow
cve-2023-29247
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
41.4%
Task instance details page in the UI is vulnerable to a stored XSS.This issue affects Apache Airflow: before 2.6.0.
Affected configurations
Node
apacheairflowRange<2.6.0
Related
cnvd
cnvd
Apache Airflow Cross-Site Scripting Vulnerability (CNVD-2023-52700)
2023-05-10 00:00:00
osv
osv
CVE-2023-29247
2023-05-08 10:15:09
PYSEC-2023-60
2023-05-08 10:15:00
BIT-airflow-2023-29247
2024-03-06 10:54:51
veracode
veracode
Stored Cross-Site Scripting (XSS)
2023-05-10 00:28:30
cvelist
cvelist
CVE-2023-29247 Stored XSS on Apache Airflow
2023-05-08 09:01:40
prion
prion
Design/Logic Flaw
2023-05-08 10:15:00
github
github
Apache Airflow vulnerable to stored Cross-site Scripting
2023-05-08 12:30:28
cve
cve
CVE-2023-29247
2023-05-08 10:15:09
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
41.4%
Related for NVD:CVE-2023-29247