DSCVE-2020-13922 关于CVE-2020-13922安全漏洞的升级文件 根据当前版本替换lib目录下的jar包: 120版本 dolphinscheduler-api-120-SNAPSHOTjar 121版本 dolphinscheduler-api-121-SNAPSHOTjar
Versions of Apache DolphinScheduler before 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache dolphinscheduler 1.2.1 |
||
apache dolphinscheduler 1.2.0 |
||
apache dolphinscheduler 1.3.1 |