Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2020-13922

Disclosure Date: January 11, 2021 (last updated February 22, 2025)
Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-11974

Disclosure Date: December 18, 2020 (last updated November 08, 2023)
In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote code execution vulnerability exists when choosing mysql as database.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0