16 matches found
Cross site scripting
Livy server version 0.7.0-incubating only is vulnerable to a cross site scripting issue in the session name. A malicious user could use this flaw to access logs and results of other users' sessions and run jobs with their privileges. This issue is fixed in Livy 0.7.1-incubating...
CVE-2021-26544
Affected software: Apache Livy server 0.7.0-incubating. Issue: cross-site scripting (XSS) in the session name. Impact: a malicious user could access logs and results of other users’ sessions and run jobs with those users’ privileges. Root cause: XSS in session-name handling. Remediation: the fixe...
Apache Atlas Cross-Site Scripting Vulnerability
Apache Atlas is a set of scalable and extensible core functional governance services from the Apache USA Software Foundation. A cross-site scripting vulnerability exists in Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating. A remote attacker can exploit this vulnerability to inject...
Apache Atlas Cross-Site Scripting Vulnerability (CNVD-2017-27444)
Apache Atlas is a set of scalable and extensible core functional governance services from the Apache USA Software Foundation. A cross-site scripting vulnerability exists in the search function in Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating. A remote attacker can exploit this...
Apache Atlas Cross-Site Scripting Vulnerability (CNVD-2017-27442)
Apache Atlas is a set of scalable and extensible core functional governance services from the Apache USA Software Foundation. A cross-site scripting vulnerability exists in the edit-tag feature in Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating. A remote attacker can exploit this...
CVE-2017-3152
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality...
CVE-2017-3153
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality...
Cross site scripting
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality...
Design/Logic Flaw
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality...
PYSEC-2017-111
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting...
PYSEC-2017-109
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality...
PYSEC-2017-107
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Stored Cross-Site Scripting in the edit-tag functionality...
PYSEC-2017-109
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality...
PYSEC-2017-111
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting...
PYSEC-2017-110
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information...
CVE-2017-3152
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality...