[oss-security] CVE-2024-43115: Apache DolphinScheduler: Alert Script Attack

Lidong Dai Wed, 03 Sep 2025 00:14:02 -0700

Severity: low 

Affected versions:


- Apache DolphinScheduler before 3.2.2

Description:

Improper Input Validation vulnerability in Apache DolphinScheduler. An 
authenticated user can execute any shell script server by alert script.


This issue affects Apache DolphinScheduler: before 3.2.2.

Users are recommended to upgrade to version 3.3.1, which fixes the issue.

Credit:

L0ne1y (reporter)

References:

https://lists.apache.org/thread/lh42ktbbg87wrr6854rd7kho83wxc6f9
https://dolphinscheduler.apache.org
https://www.cve.org/CVERecord?id=CVE-2024-43115

[oss-security] CVE-2024-43115: Apache DolphinScheduler: Alert Script Attack

Reply via email to