Two Flaws in Apache SuperSet Allow to Remotely Hack Servers
Two Flaws in Apache SuperSet Allow to Remotely Hack Servers
08 September 2023
By tricking Superset into connecting to its own metadata database, an attacker can directly read or write application configuration through the interface potentially leading to credential harvesting and remote code execution.