Apache: >> Dolphinscheduler Security Vulnerabilities
Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface.
CVSS Score
6.5
EPSS Score
0.017
Published
2021-01-11
In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote code execution vulnerability exists when choosing mysql as database.
CVSS Score
9.8
EPSS Score
0.076
Published
2020-12-18
Page 4