You are viewing a plain text version of this content. The canonical link for it is here.
Posted to announce@apache.org by Jeff Zhang <zj...@apache.org> on 2021/09/02 16:07:42 UTC
CVE-2021-27578: Apache Zeppelin: Cross Site Scripting in markdown
interpreter
Description:
Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts. This issue affects Apache Zeppelin Apache Zeppelin versions prior to 0.9.0.
Credit:
Apache Zeppelin would like to thank Paulo Pacheco for reporting this issue