Description
Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and because of that it triggers the XSS vulnerability.
Remediation
References
https://lists.apache.org/thread.html/ra468036f913be41b0c8fea74f91d53e273b0bfa838a4b140a5dcd463%40%3Cuser.atlas.apache.org%3E
Related Vulnerabilities
CVE-2021-25329 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2019-16775 Vulnerability in maven package org.webjars.bower:npm
CVE-2020-13445 Vulnerability in maven package com.liferay:com.liferay.portal.template.velocity
CVE-2022-42252 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2018-11765 Vulnerability in maven package org.apache.hadoop:hadoop-common