A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2.1 and previous versions, and 3.3.0, allows remote malicious users to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the UI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache spark 3.3.0 |
||
apache spark |