Apache · Apache Airflow · CVE-2021-45229
**Name of the Vulnerable Software and Affected Versions**
Apache Airflow versions 2.2.3 and below
**Description**
The "Trigger DAG with config" screen in Apache Airflow is susceptible to XSS attacks via the `origin` query argument.
**Recommendations**
For Apache Airflow versions 2.2.3 and below, consider disabling the "Trigger DAG with config" screen until a patch is available to prevent XSS attacks via the `origin` query argument.