1. Apache Superset Improper Authorization Flaw Grants Lower-Privilege Users Access to Role Creation API
A critical improper authorization vulnerability has been identified in Apache Superset when the FAB_ADD_SECURITY_API configuration is enabled, allowing lower-privilege users to create roles through the API. The security flaw, tracked as a significant access control failure, affects versions from 2.0.0 up to but not inc...