High severity vulnerability that affects org.apache.zeppelin:zeppelin

2019-04-24T16:06:59
ID GHSA-C538-924G-99Q4
Type github
Reporter GitHub Advisory Database
Modified 2019-10-10T20:51:33

Description

Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".