oss-sec mailing list archives
CVE-2021-28656: Apache Zeppelin: CSRF vulnerability in the Credentials page
From: Jongyoul Lee <jongyoul () apache org>
Date: Tue, 09 Apr 2024 02:10:27 +0000
Severity: low Affected versions: - Apache Zeppelin through 0.9.0 Description: Cross-Site Request Forgery (CSRF) vulnerability in Credential page of Apache Zeppelin allows an attacker to submit malicious request. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions. Credit: Jiang Qingzhi (finder) References: https://zeppelin.apache.org/ https://www.cve.org/CVERecord?id=CVE-2021-28656
Current thread:
- CVE-2021-28656: Apache Zeppelin: CSRF vulnerability in the Credentials page Jongyoul Lee (Apr 09)