Description
Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and because of that it triggers the XSS vulnerability.
Remediation
References
https://lists.apache.org/thread.html/ra468036f913be41b0c8fea74f91d53e273b0bfa838a4b140a5dcd463%40%3Cuser.atlas.apache.org%3E
Related Vulnerabilities
CVE-2013-4590 Vulnerability in maven package org.apache.tomcat:catalina
CVE-2022-28732 Vulnerability in maven package org.apache.jspwiki:jspwiki-main
CVE-2021-44791 Vulnerability in maven package org.apache.druid:druid
CVE-2023-40037 Vulnerability in maven package org.apache.nifi:nifi-dbcp-service-api
CVE-2022-25179 Vulnerability in maven package org.jenkins-ci.plugins.workflow:workflow-multibranch