Description
Cross-site scripting (XSS) vulnerability in the create user functionality in the policy admin tool in Apache Ranger before 0.6.1 allows remote authenticated administrators to inject arbitrary web script or HTML via vectors related to policies.
Remediation
References
http://www.securityfocus.com/bid/92577
https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger
Related Vulnerabilities
CVE-2016-10735 Vulnerability in maven package org.webjars:bootstrap
CVE-2022-29078 Vulnerability in maven package org.webjars.npm:ejs
CVE-2018-7408 Vulnerability in maven package org.webjars:npm
CVE-2019-16761 Vulnerability in npm package slp-validate
CVE-2022-46907 Vulnerability in maven package org.apache.jspwiki:jspwiki-war