oss-sec mailing list archives
CVE-2021-27578: Apache Zeppelin: Cross Site Scripting in markdown interpreter
From: Jeff Zhang <zjffdu () apache org>
Date: Thu, 02 Sep 2021 16:07:42 +0000
Description: Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts. This issue affects Apache Zeppelin Apache Zeppelin versions prior to 0.9.0. Credit: Apache Zeppelin would like to thank Paulo Pacheco for reporting this issue
Current thread:
- CVE-2021-27578: Apache Zeppelin: Cross Site Scripting in markdown interpreter Jeff Zhang (Sep 02)