AI Score
Confidence
High
EPSS
Percentile
9.0%
org.apache.zeppelin: zeppelin-web is vulnerable to Cross Site Request Forgery (CSRF). The vulnerability is due to inadequate validation of requests, which allows an attacker to submit malicious requests via phishing.
www.openwall.com/lists/oss-security/2024/04/09/3
github.com/advisories/GHSA-prvg-rh5h-74jr
lists.apache.org/thread/dttzkkv4qyn1rq2fdv1r94otb1osxztc