May 8, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Severity
Medium
Analysis Summary
CVE-2023-49299
Apache DolphinScheduler could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper input validation. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary unsandboxed javascript on the server.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-49299
Affected Vendors
Apache
Affected Products
- Apache DolphinScheduler 3.1.9
Remediation
Refer to Dolphinscheduler GIT Repository for patch, upgrade or suggested workaround information.
