An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Zeppelin allows logged-in users to execute arbitrary javascript in other users' browsers. This issue affects Apache Zeppelin before 0.8.2. Users are recommended to upgrade to a supported version of Zeppelin.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2022-12-16T12:55:37.597Z

Updated: 2024-08-03T14:39:39.095Z

Reserved: 2022-12-09T14:04:31.289Z

Link: CVE-2022-46870

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-12-16T13:15:09.103

Modified: 2024-11-21T07:31:12.807

Link: CVE-2022-46870

cve-icon Redhat

No data.