Cross-site scripting in Apache Ranger
Moderate severity
GitHub Reviewed
Published
Aug 16, 2019
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Package
Affected versions
>= 0.7.0, <= 1.2.0
Patched versions
2.0.0
Description
Published by the National Vulnerability Database
Aug 8, 2019
Reviewed
Aug 9, 2019
Published to the GitHub Advisory Database
Aug 16, 2019
Last updated
Feb 1, 2023
Policy import functionality in Apache Ranger 0.7.0 to 1.2.0 is vulnerable to a cross-site scripting issue. Upgrade to 2.0.0 or later version of Apache Ranger with the fix.
References