[MAVEN:GHSA-9P8J-HRGF-JC2G] Apache Zeppelin Cross-site Scripting vulnerability
Severity
Moderate
Affected Packages
1
Fixed Packages
1
CVEs
1
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Zeppelin allows logged-in users to execute arbitrary javascript in other users' browsers. This issue affects Apache Zeppelin before 0.8.2. Users are recommended to upgrade to a supported version of Zeppelin.
Package | Affected Version |
---|---|
pkg:maven/org.apache.zeppelin/zeppelin | < 0.8.2 |
Package | Fixed Version |
---|---|
pkg:maven/org.apache.zeppelin/zeppelin | = 0.8.2 |
- ID
- MAVEN:GHSA-9P8J-HRGF-JC2G
- Severity
- moderate
- URL
- https://github.com/advisories/GHSA-9p8j-hrgf-jc2g
- Published
-
2022-12-20T21:30:19
(21 months ago) - Modified
-
2023-01-29T05:01:05
(19 months ago) - Rights
- Maven Security Team
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |