apache_superset is vulnerable to Improper Access Control. The vulnerability exists in api.py
due to explicitly enabling the DASHBOARD_CACHE
feature which allows an unauthenticated user to access dashboard configuration metadata using a rest api GET endpoint .