org.apache.knox:gateway-applications is vulnerable to a cross-site scripting (XSS) attacks. A remote attacker is able to use a specially crafted request to redirect a user to a malicious page controlled by the attacker, due to improper URL parsing.
CPE | Name | Operator | Version |
---|---|---|---|
gateway-applications | le | 1.6.0 | |
gateway-applications | le | 1.6.0 |