CVE-2017-3150

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:atlas:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:atlas:0.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:apache:atlas:0.6.0:rc2:*:*:*:*:*:*
cpe:2.3:a:apache:atlas:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:atlas:0.7.0:rc1:*:*:*:*:*:*
cpe:2.3:a:apache:atlas:0.7.0:rc2:*:*:*:*:*:*

History

21 Nov 2024, 03:24

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/100536 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/100536 - Third Party Advisory, VDB Entry
References () https://lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea%40%3Cdev.atlas.apache.org%3E - () https://lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea%40%3Cdev.atlas.apache.org%3E -

07 Nov 2023, 02:44

Type Values Removed Values Added
References
  • {'url': 'https://lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea@%3Cdev.atlas.apache.org%3E', 'name': '[dev] 20170507 CVE updates: fixes in Apache Atlas 0.7.1-incubating', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • () https://lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea%40%3Cdev.atlas.apache.org%3E -

Information

Published : 2017-08-29 20:29

Updated : 2024-11-21 03:24


NVD link : CVE-2017-3150

Mitre link : CVE-2017-3150

CVE.ORG link : CVE-2017-3150


JSON object : View

Products Affected

apache

  • atlas
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')