Lucene search
GoogleOSV:GHSA-9Q6V-RXMW-G3GHHistoryMar 01, 2024 - 3:31 p.m.
Apache Ambari: Various Cross site scripting problems
2024-03-0115:31:38
Google
osv.dev
8
apache ambari
input validation
cross site scripting
data access
session hijacking
unauthorized actions
upgrade
Lack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8
Impact : As it will be stored XSS, Could be exploited to perform unauthorized actions, varying from data access to session hijacking and delivering malicious payloads.
Users are recommended to upgrade to version 2.7.8 which fixes this issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.apache.ambari:ambari | eq | 2.0.0.0 | |
| org.apache.ambari:ambari | eq | 1.7.0.0 |
Related
veracode
veracode
Cross-Site Scripting (XSS)
2024-03-04 17:14:01
cvelist
cvelist
CVE-2023-50378 Apache Ambari: Various XSS problems
2024-03-01 14:38:29
github
github
Apache Ambari: Various Cross site scripting problems
2024-03-01 15:31:38
prion
prion
Input validation
2024-03-01 15:15:00
nvd
nvd
CVE-2023-50378
2024-03-01 15:15:08
cve
cve
CVE-2023-50378
2024-03-01 15:15:08