漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache Superset: Improper Neutralization of Special Elements used in a SQL Command
Vulnerability Description
Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection via the sqlExpression or where parameters. This issue affects Apache Superset: before 6.0.0. Users are recommended to upgrade to version 6.0.0, which fixes the issue.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Apache Superset 安全漏洞
Vulnerability Description
Apache Superset是美国阿帕奇(Apache)基金会的一个数据可视化和数据探索平台。 Apache Superset 6.0.0之前版本存在安全漏洞,该漏洞源于SQL命令中特殊元素中和不当,可能导致经过身份验证的用户进行基于错误的SQL注入。
CVSS Information
N/A
Vulnerability Type
N/A