The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2017-04-26T20:00:00

Updated: 2024-08-05T14:16:28.253Z

Reserved: 2016-12-05T00:00:00

Link: CVE-2017-3161

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-04-26T20:59:00.213

Modified: 2024-11-21T03:24:57.357

Link: CVE-2017-3161

cve-icon Redhat

No data.