You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-dev@hadoop.apache.org by "Will Harmon (JIRA)" <ji...@apache.org> on 2016/08/17 21:57:20 UTC
[jira] [Created] (HDFS-10774) Reflective XSS and HTML injection
vulnerability
Will Harmon created HDFS-10774:
----------------------------------
Summary: Reflective XSS and HTML injection vulnerability
Key: HDFS-10774
URL: https://issues.apache.org/jira/browse/HDFS-10774
Project: Hadoop HDFS
Issue Type: Bug
Components: security
Affects Versions: 2.0.0-alpha
Reporter: Will Harmon
I’m assessing my customer's Apache Hadoop 2.0.0-CDH4.7.0 installation, and I came across an XSS and HTML injection vulnerability. Although my customer instance is 2.0.0, newer versions are also likely vulnerable. I’d like to provide more details about my finding but first want to ensure I’m communicating with the correct group. Please let me know if you would like to know more and how I can securely share my findings.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-help@hadoop.apache.org