8 matches found
Cross site scripting
Livy server version 0.7.0-incubating only is vulnerable to a cross site scripting issue in the session name. A malicious user could use this flaw to access logs and results of other users' sessions and run jobs with their privileges. This issue is fixed in Livy 0.7.1-incubating...
Apache Atlas Cross-Site Scripting Vulnerability (CNVD-2017-27444)
Apache Atlas is a set of scalable and extensible core functional governance services from the Apache USA Software Foundation. A cross-site scripting vulnerability exists in the search function in Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating. A remote attacker can exploit this...
PYSEC-2017-110
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information...
PYSEC-2017-109
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality...
CVE-2017-3152
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality...
PYSEC-2017-109
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality...
PYSEC-2017-111
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting...
PYSEC-2017-111
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting...