CVE-2023-27526

MEDIUM4.3EPSS 0.13%

Apache Superset: Improper Authorization check on import charts

Published: 9/6/2023Modified: 5/20/2025

Description

A non Admin authenticated user could incorrectly create resources using the import charts feature, on Apache Superset up to and including 2.1.0.

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N