Question 1

What is CVE-2022-43717 — CVE-2022-43717?

Accepted Answer

Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.

Question 2

What is the authoritative source for CVE-2022-43717?

Accepted Answer

CVE-2022-43717 (CVE-2022-43717) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	5.4 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS	1.24% probability of exploitation · percentile 65.3% · 2026-06-19T12:03:05Z
Last modified	2026-06-17

CVE-2022-43717CVE-2022-43717

Description

Scoring