6 matches found
CVE-2020-21485
Cross Site Scripting vulnerability in Alluxio v.1.8.1 allows a remote attacker to executea arbitrary code via the path parameter in the browse board component...
Cross-Site Scripting (XSS)
org.alluxio:alluxio-parent is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the special characters before it output to the front end, allowing an attacker to inject and execute malicious javascript on victim's browser, via the path parameter in the browse...
Alluxio Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in Alluxio v.1.8.1 allows a remote attacker to executea arbitrary code via the path parameter in the browse board component...
CVE-2020-21485
Cross Site Scripting vulnerability in Alluxio v.1.8.1 allows a remote attacker to executea arbitrary code via the path parameter in the browse board component...
CVE-2020-21485
Cross Site Scripting vulnerability in Alluxio v.1.8.1 allows a remote attacker to executea arbitrary code via the path parameter in the browse board component...
PT-2023-11589 · Alluxio · Alluxio
Name of the Vulnerable Software and Affected Versions: Alluxio version 1.8.1 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the path parameter in the "browse board component". Recommendations: For Alluxio version 1.8.1, consider restricting access...