You are viewing a plain text version of this content. The canonical link for it is here.

Posted to announce@apache.org by Dan Smith <up...@apache.org> on 2022/10/24 17:14:46 UTC

CVE-2022-34870: Apache Geode stored Cross-Site Scripting (XSS) via data injection vulnerability in Pulse web application

Apache Geode versions up to 1.15.0 are vulnerable to a Cross-Site
Scripting (XSS) via data injection when using Pulse web application to
view Region entries.

This issue is being tracked as GEODE-10411