An insecure default configuration issue (CVE-2023-27524) makes most internet-facing Apache Superset servers vulnerable to attackers, Horizon3.ai researchers have discovered. Administrators in charge of Apache Superset instances should check whether they are among that lot, upgrade them to a fixed version, and check whether attackers might have exploited the weakness to breach them. Apache Superset and the widespread exploitable weakness Apache Superset is a data exploration and visualization platform that’s usually integrated with a variety of … More
The post Common insecure configuration opens Apache Superset servers to compromise appeared first on Help Net Security.