CVE-2023-29247

CVSS V2 None CVSS V3 None
Description
Task instance details page in the UI is vulnerable to a stored XSS.This issue affects Apache Airflow: before 2.6.0.
Overview
  • CVE ID
  • CVE-2023-29247
  • Assigner
  • security@apache.org
  • Vulnerability Status
  • Received
  • Published Version
  • 2023-05-08T10:15:09
  • Last Modified Date
  • 2023-05-08T10:15:09
Weakness Enumerations
CWE URL
CWE-79 http://cwe.mitre.org/data/definitions/79.html
References
Reference URL Reference Tags
https://github.com/apache/airflow/pull/30447
https://github.com/apache/airflow/pull/30779
https://lists.apache.org/thread/kqf5lxmko133780clsp827xfsh4xd3fl
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-29247
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29247
History
Created Old Value New Value Data Type Notes
2023-05-08 11:00:30 Added to TrackCVE
2023-05-08 11:00:30 Weakness Enumeration new