Ali Al-Habsi

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions 2.2.3 and below **Description** The "Trigger DAG with config" screen in Apache Airflow is susceptible to XSS attacks via the `origin` query argument. **Recommendations** For Apache Airflow versions 2.2.3 and below, consider disabling the "Trigger DAG with config" screen until a patch is available to prevent XSS attacks via the `origin` query argument.

**Name of the Vulnerable Software and Affected Versions** Airflow versions prior to 1.10.13 **Description** The issue occurs when creating a user using the airflow CLI or when creating a Connection with a password field in Airflow, where the password gets logged in plain text in the Log table in Airflow Metadata. **Recommendations** For versions prior to 1.10.13, update to version 1.10.13 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions prior to 1.10.15 **Description** The issue is related to an XSS exploit through the `origin` parameter passed to certain endpoints, such as '/trigger'. **Recommendations** For versions prior to 1.10.15, update to version 1.10.15 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable endpoint '/trigger' until a patch is available. Avoid using the `origin` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions prior to 1.10.12 **Description** The issue concerns a XSS exploit in Apache Airflow. The `origin` parameter passed to certain endpoints, such as `/trigger`, is vulnerable to this exploit. **Recommendations** For versions prior to 1.10.12, update to version 1.10.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable endpoints, such as `/trigger`, to minimize the risk of exploitation. Avoid using the `origin` parameter in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions 1.10.10 and below **Description** An issue was discovered in the admin management screens of the new/RBAC UI, where escaping was handled incorrectly. This allowed authenticated users with appropriate permissions to create stored XSS attacks. **Recommendations** For Apache Airflow versions 1.10.10 and below, consider updating to a version above 1.10.10 to resolve the issue. As a temporary workaround, restrict access to the admin management screens in the new/RBAC UI to minimize the risk of exploitation.