Lucene search
China National Vulnerability DatabaseCNVD-2022-89420HistoryDec 20, 2022 - 12:00 a.m.
Apache Zeppelin Cross-Site Scripting Vulnerability (CNVD-2022-89420)
2022-12-2000:00:00
China National Vulnerability Database
www.cnvd.org.cn
24
apache zeppelin
cross-site scripting
vulnerability
cnvd-2022-89420
web-based
apache foundation
EPSS
0.001
Percentile
48.9%
Apache Zeppelin is a Web-based open source notebook application from the Apache Foundation that supports interactive data analysis and collaborative documentation. The application supports interactive data analysis and collaborative documentation. versions of Apache Zeppelin prior to 0.8.2 contain a cross-site scripting vulnerability that stems from a failure to neutralize input during web page generation and could be exploited by an attacker to execute arbitrary javascript in another user’s browser.
Related
osv
osv
CVE-2022-46870
2022-12-16 13:15:09
Apache Zeppelin Cross-site Scripting vulnerability
2022-12-20 21:30:19
cve
cve
CVE-2022-46870
2022-12-16 13:15:09
cvelist
cvelist
CVE-2022-46870 Apache Zeppelin: Stored XSS in note permissions
2022-12-16 12:55:37
nvd
nvd
CVE-2022-46870
2022-12-16 13:15:09
prion
prion
Cross site scripting
2022-12-16 13:15:00
github
github
Apache Zeppelin Cross-site Scripting vulnerability
2022-12-20 21:30:19
veracode
veracode
Cross-site Scripting (XSS)
2022-12-19 04:31:12