Public CVE-2019-5259 disclosure

In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab