oss-sec mailing list archives

Fwd: [CVE-2020-13928] Apache Atlas Multiple XSS Vulnerability


From: Keval Bhatt <kbhatt () apache org>
Date: Tue, 15 Sep 2020 11:15:41 +0530

Hello,



Please find below details on the CVE fixed in Apache Atlas release *2.1.0*

-------------------------------------------------------------------------------------------------

CVE-2020-13928:         Atlas was found vulnerable to a Cross-Site Scripting in Basic Search functionality.

Severity:                      Critical

Vendor:                        The Apache Software Foundation

Versions affected:        Apache Atlas versions 2.0.0

Users affected:            Apache Atlas UI search functionality, Save Search

Description:                  Apache Atlas Multiple XSS Vulnerability

Fix detail:                     Apache Atlas was updated to sanitize the user input and while rendering

Mitigation:                    Users should upgrade to 2.1.0 or later version of Apache Atlas

Credit:                         Michał Orzechowski


-------------------------------------------------------------------------------------------------



Thanks,

Keval
