Apache · Apache Dolphinscheduler · CVE-2024-23320
**Name of the Vulnerable Software and Affected Versions**
Apache DolphinScheduler (affected versions not specified)
**Description**
The issue concerns an Improper Input Validation vulnerability, allowing an authenticated user to execute arbitrary, unsandboxed javascript on the server. This can lead to arbitrary js execution as root for authenticated users.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.