oss-sec mailing list archives

CVE-2021-28656: Apache Zeppelin: CSRF vulnerability in the Credentials page


From: Jongyoul Lee <jongyoul () apache org>
Date: Tue, 09 Apr 2024 02:10:27 +0000

Severity: low

Affected versions:

- Apache Zeppelin through 0.9.0

Description:

A Cross-Site Request Forgery (CSRF) vulnerability in the Credentials page of Apache Zeppelin allows an attacker to
submit a malicious request. This issue affects Apache Zeppelin version 0.9.0 and prior versions.

Credit:

Jiang Qingzhi (finder)

References:

https://zeppelin.apache.org/
https://www.cve.org/CVERecord?id=CVE-2021-28656

