CVE-2020-1936Cross-site Scripting in Software Foundation Apache Ambari

CWE-79Cross-site Scripting4 documents4 sources
Severity
6.1MEDIUMNVD
EPSS
2.5%
top 14.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apache Software Foundation Apache AmbariApache Ambari
Timeline
PublishedMar 2
Latest updateJan 6

Description

A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

CVEListV5apache_software_foundation/apache_ambariApache Ambari2.7.4
NVDapache/ambari< 2.7.4

🔴Vulnerability Details

3
OSV
Cross-site Scripting (XSS) in Apache Ambari Views2022-01-06
GHSA
Cross-site Scripting (XSS) in Apache Ambari Views2022-01-06
CVEList
Stored XSS in Apache Ambari2021-03-02
CVE-2020-1936 — Cross-site Scripting | cvebase