EPSS
Percentile
17.3%
apache_superset is vulnerable to information disclosure. The leakage exists because an authenticated user is allowed to access other users’ sensitive information via unused and undocumented API endpoints.
github.com/apache/incubator-superset/blob/7cb3d3b5d2e05f98f0683bc72514e4d9f4ce13f8/CHANGELOG.md
github.com/apache/incubator-superset/pull/8918
lists.apache.org/thread.html/r4e5323c3bc786005495311a6ff53ac6d990b2c7eb52941a1a13ce227%40%3Cdev.superset.apache.org%3E