Site icon API Security Blog

Improper Access Control

apache_superset is vulnerable to Improper Access Control. The vulnerability exists in `api.py` due to explicitly enabling the `DASHBOARD_CACHE` feature which allows an unauthenticated user to access dashboard configuration metadata using a rest api GET endpoint .Read More

Exit mobile version