Session Fixation Apache DolphinScheduler before version 3.2.0, which session is still valid after the password change. Users are recommended to upgrade to version 3.2.1, which fixes this issue.
History

Thu, 29 Aug 2024 21:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-384
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2024-02-20T10:01:32.260Z

Updated: 2024-08-29T15:08:36.166Z

Reserved: 2023-12-06T02:25:09.094Z

Link: CVE-2023-50270

cve-icon Vulnrichment

Updated: 2024-08-02T22:16:46.169Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-02-20T10:15:08.140

Modified: 2024-11-21T08:36:47.543

Link: CVE-2023-50270

cve-icon Redhat

No data.