3 matches found
CVE-2018-1328
Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph"...
CVE-2018-1328
Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph"...
CVE-2018-1328
CVE-2018-1328 affects Apache Zeppelin prior to 0.8.0, where a stored XSS flaw exists via Note permissions. The root cause is unsanitized input in Note handling that can trigger script execution. Impact is user-facing XSS; remediation is upgrading Zeppelin to 0.8.0 or later (or applying equivalent...