Lucene search
GoogleOSV:GHSA-V7MF-QGXF-QMVFHistoryOct 17, 2018 - 5:21 p.m.
Apache Ranger admin users can store some arbitrary javascript code to be executed when normal users login and access policies
2018-10-1717:21:54
Google
osv.dev
9
0.0004 Low
EPSS
Percentile
15.8%
Apache Ranger before 0.6.is vulnerable to a Stored Cross-Site Scripting in when entering custom policy conditions. Admin users can store some arbitrary javascript code to be executed when normal users login and access policies.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.apache.ranger:ranger | eq | 0.6.2 | |
| org.apache.ranger:ranger | eq | 0.6.1 | |
| org.apache.ranger:ranger | eq | 0.6.0 |
Related
cvelist
cvelist
CVE-2016-8751
2017-06-14 17:00:00
cve
cve
CVE-2016-8751
2017-06-14 17:29:00
osv
osv
CVE-2016-8751
2017-06-14 17:29:00
github
github
veracode
veracode
Stored Cross-Site Scripting (XSS)
2017-03-09 04:36:44
prion
prion
Cross site scripting
2017-06-14 17:29:00
nvd
nvd
CVE-2016-8751
2017-06-14 17:29:00
mageia
mageia
Updated jasper packages fix security vulnerabilities
2017-12-31 03:10:15
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0474)
2022-01-28 00:00:00