Apache Superset RCE Vulnerability CVE-2023-27524 Highlights Ongoing Issues with Flask AppBuilder, Joining List of Previously Discovered CVEs

On Apr 24, 2023 Naveen Sunkavally, Chief Architect at Horizon3.ai, announced the discovery of a new vulnerability, CVE-2023-27524, in Apache Superset and wrote comprehensively about the whole process. The vulnerability was caused by an insecure default configuration in the application. This is not the first time this type of vulnerability has been found in similar ... Apache Superset RCE Vulnerability CVE-2023-27524 Highlights Ongoing Issues with Flask AppBuilder, Joining List of Previously Discovered CVEs

The post Apache Superset RCE Vulnerability CVE-2023-27524 …

apache apache superset application application security architect chief configuration cve cves default discovery flask horizon3 horizon3.ai insecure list process rce rezilion research superset vulnerability