CVE-2021-28656

Cross-Site Request Forgery CSRF vulnerability in Credential page of Apache Zeppelin allows an attacker to submit malicious request. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions...

CVE-2021-28656

Cross-Site Request Forgery CSRF vulnerability in Credential page of Apache Zeppelin allows an attacker to submit malicious request. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions...

CVE-2021-28656

CVE-2021-28656 corresponds to a CSRF issue in the Credential page of Apache Zeppelin (affected versions: 0.9.0 and prior). The root cause cited across sources is inadequate validation of requests, enabling an attacker to submit malicious requests (e.g., via phishing). Several connected documents ...

PT-2024-10914 · Apache · Apache Zeppelin

Name of the Vulnerable Software and Affected Versions: Apache Zeppelin versions 0.9.0 and prior versions Description: A Cross-Site Request Forgery CSRF issue in the Credential page of Apache Zeppelin allows an attacker to submit malicious requests. Recommendations: For Apache Zeppelin versions...

Apache Zeppelin 跨站请求伪造漏洞

Apache Zeppelin is an open source web-based laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. A cross-site request forgery vulnerability exists in Apache Zeppelin version 0.9.0 and earlier, which stems from a...