Lucene search

K

GoogleOSV:GHSA-R2V5-5VCR-H3VQ

HistoryApr 24, 2019 - 4:07 p.m.

Cross-site Scripting in Apache Zeppelin

2019-04-2416:07:36

Google

osv.dev

14

EPSS

0.003

Percentile

66.1%

Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by “Josna Joseph”.

References

www.openwall.com/lists/oss-security/2019/04/23/1

lists.apache.org/thread.html/ff6b995a5a3ba8db4d6b14b4d9dd487e7bf2e3bdd5b375b64a25fd06@%3Cusers.zeppelin.apache.org%3E

nvd.nist.gov/vuln/detail/CVE-2018-1328

zeppelin.apache.org/releases/zeppelin-release-0.8.0.html

EPSS

0.003

Percentile

66.1%

Related for OSV:GHSA-R2V5-5VCR-H3VQ

prion1 osv1 github1 cve1 veracode1 cvelist1 nvd1