You are viewing a plain text version of this content. The canonical link for it is here.
Posted to announce@apache.org by Keval Bhatt <kb...@apache.org> on 2020/09/15 05:44:03 UTC
[CVE-2020-13928 ] Apache Atlas Multiple XSS Vulnerability
Hello,
Please find below details on CVE fixed in Apache Atlas releases *2.1.0*
-------------------------------------------------------------------------------------------------
CVE-2020-13928: Atlas was found vulnerable to a Cross-Site
Scripting in Basic Search functionality.
Severity: Critical
Vendor: The Apache Software Foundation
Versions affected: Apache Atlas versions 2.0.0
Users affected: Apache Atlas UI search functionality, Save Search
Description: Apache Atlas Multiple XSS Vulnerability
Fix detail: Apache Atlas was updated to sanitize the
user input and while rendering
Mitigation: Users should upgrade to 2.1.0 or later
version of Apache Atlas
Credit: MichaĆ Orzechowski
-------------------------------------------------------------------------------------------------
Thanks,
Keval