Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-28656

Source

                							

                <!--X-Body-Begin-->
<!--X-User-Header-->

oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->

By Date

By Thread

</form>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
CVE-2021-28656: Apache Zeppelin: CSRF vulnerability in the Credentials page

<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->

From: Jongyoul Lee &lt;jongyoul () apache org&gt;

Date: Tue, 09 Apr 2024 02:10:27 +0000

<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->

<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
Severity: low

Affected versions:

- Apache Zeppelin through 0.9.0

Description:

Cross-Site Request Forgery (CSRF) vulnerability in Credential page of Apache Zeppelin allows an attacker to submit 
malicious request.  This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

Credit:

Jiang Qingzhi (finder)

References:

https://zeppelin.apache.org/
https://www.cve.org/CVERecord?id=CVE-2021-28656

<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->

<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->

By Date

By Thread

Current thread:

CVE-2021-28656: Apache Zeppelin: CSRF vulnerability in the Credentials page Jongyoul Lee (Apr 09)

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-28656: Apache Zeppelin: CSRF vulnerability in the Credentials page

Vulmon Search

About

Products

Connect