CVE-2024-46910

CWE-804 documents4 sources
Severity
7.1HIGH
EPSS
0.4%
top 36.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apache AtlasApache Software Foundation Apache Atlas
Timeline
PublishedFeb 13

Description

An authenticated user can perform XSS and potentially impersonate another user. This issue affects Apache Atlas versions 2.3.0 and earlier. Users are recommended to upgrade to version 2.4.0, which fixes the issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:NExploitability: 2.8 | Impact: 4.2

Affected Packages3 packages

NVDapache/atlas2.0.02.4.0
Mavenorg.apache.atlas:apache-atlas2.0.02.4.0
CVEListV5apache_software_foundation/apache_atlas2.0.02.3.0

🔴Vulnerability Details

3
OSV
Apache Atlas: An authenticated user can perform XSS and potentially impersonate another user2025-02-13
GHSA
Apache Atlas: An authenticated user can perform XSS and potentially impersonate another user2025-02-13
CVEList
Apache Atlas: An authenticated user can perform XSS and potentially impersonate another user2025-02-13
CVE-2024-46910 (HIGH CVSS 7.1) | An authenticated user can perform X | cvebase.io