Taidh

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions prior to 2.6.0 **Description** The task instance details page in the UI is vulnerable to a stored cross-site scripting (XSS) issue. This allows for malicious scripts to be stored and executed on the page. **Recommendations** For versions prior to 2.6.0, update to version 2.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the task instance details page in the UI until a patch is applied.