Lucene search
Veracode Vulnerability DatabaseVERACODE:45754HistoryMar 04, 2024 - 5:14 p.m.
Cross-Site Scripting (XSS)
2024-03-0417:14:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
cross-site scripting
org.apache.ambari
stored xss
insufficient validation
constraint enforcement
unauthorized actions
unauthorized data access
session hijacking
malicious payloads
org.apache.ambari, ambari is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient validation and constraint enforcement, resulting in a stored XSS. This could potentially be exploited to perform unauthorized actions, ranging from unauthorized data access to session hijacking and the delivery of malicious payloads.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ambari main | le | 2.0.0.0 | |
| apache ambari project pom | le | 2.0.0.0 | |
| ambari main | le | 2.0.0.0 | |
| apache ambari project pom | le | 2.0.0.0 |
Related
osv
osv
Apache Ambari: Various Cross site scripting problems
2024-03-01 15:31:38
cve
cve
CVE-2023-50378
2024-03-01 15:15:08
prion
prion
Input validation
2024-03-01 15:15:00
nvd
nvd
CVE-2023-50378
2024-03-01 15:15:08
cvelist
cvelist
CVE-2023-50378 Apache Ambari: Various XSS problems
2024-03-01 14:38:29
github
github
Apache Ambari: Various Cross site scripting problems
2024-03-01 15:31:38