CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Veracode•added 2024/03/04 5:14 p.m.•17 views

Cross-Site Scripting (XSS)

org.apache.ambari, ambari is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient validation and constraint enforcement, resulting in a stored XSS. This could potentially be exploited to perform unauthorized actions, ranging from unauthorized data access to session...

6.1CVSS6AI score0.02055EPSS

Exploits0References3Affected Software2

Github Security Blog•added 2024/03/01 3:31 p.m.•21 views

Apache Ambari: Various Cross site scripting problems

Lack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8 Impact : As it will be stored XSS, Could be exploited to perform unauthorized actions, varying from data access to session hijacking and delivering malicious payloads. Users are recommended to upgrade to...

6.1CVSS6.8AI score0.02055EPSS

Exploits0References4Affected Software1

Prion•added 2024/03/01 3:15 p.m.•23 views

Input validation

6.8AI score0.02055EPSS

Exploits0References1

CVE•added 2024/03/01 2:38 p.m.•83 views

CVE-2023-50378

CVE-2023-50378 affects Apache Ambari prior to 2.7.8, where insufficient input validation and constraint enforcement enables stored cross-site scripting (XSS). This could allow attackers to access data, hijack sessions, or deliver malicious payloads. Remediation: upgrade to Ambari 2.7.8 or later (...

6.1CVSS6.2AI score0.02055EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by