Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and because of that it triggers the XSS vulnerability.
References
Link | Resource |
---|---|
https://lists.apache.org/thread.html/ra468036f913be41b0c8fea74f91d53e273b0bfa838a4b140a5dcd463%40%3Cuser.atlas.apache.org%3E | Mailing List Vendor Advisory |
Configurations
Information
Published : 2020-09-16 11:15
Updated : 2020-09-23 09:53
NVD link : CVE-2020-13928
Mitre link : CVE-2020-13928
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
apache
- atlas