Apache Superset: Safeguarding Against Stored XSS Attacks in Charts and Dashboards

In Apache Superset versions before 3.0.3 a medium severity vulnerability CVE-2023-49657 was detected. Attackers with permission to create or update charts or dashboards can insert harmful scripts or HTML snippets, enabling them to execute cross-site scripting attacks. To enhance security in 2.X versions, users need to update their configuration settings. For more information, visit https://avd.aquasec.com/nvd/2023/cve-2023-49657/.