Lucene search
GitHub Advisory DatabaseGHSA-PRVG-RH5H-74JRHistoryApr 09, 2024 - 12:30 p.m.
Apache Zeppelin CSRF vulnerability in the Credentials page
2024-04-0912:30:46
CWE-352
GitHub Advisory Database
github.com
10
apache zeppelin
csrf
vulnerability
credentials page
cross-site request forgery
version 0.9.0
prior versions
software
Cross-Site Request Forgery (CSRF) vulnerability in Credential page of Apache Zeppelin allows an attacker to submit malicious request. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.
Affected configurations
Node
org.apache.zeppelinzeppelin-webRange≤0.9.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| org.apache.zeppelin | zeppelin-web | * | cpe:2.3:a:org.apache.zeppelin:zeppelin-web:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2021-28656
2024-04-09 10:15:07
cvelist
cvelist
CVE-2021-28656 Apache Zeppelin: CSRF vulnerability in the Credentials page
2024-04-09 09:12:58
vulnrichment
vulnrichment
CVE-2021-28656 Apache Zeppelin: CSRF vulnerability in the Credentials page
2024-04-09 09:12:58
osv
osv
Apache Zeppelin CSRF vulnerability in the Credentials page
2024-04-09 12:30:46
cve
cve
CVE-2021-28656
2024-04-09 10:15:07
veracode
veracode
Cross Site Request Forgery (CSRF)
2024-04-10 11:32:29