Hello,


Please find below details on CVE fixed in Apache Atlas releases *2.1.0*

-------------------------------------------------------------------------------------------------

CVE-2020-13928:         Atlas was found vulnerable to a Cross-Site
Scripting in Basic Search functionality.

Severity:                      Critical

Vendor:                        The Apache Software Foundation

Versions affected:        Apache Atlas versions 2.0.0

Users affected:            Apache Atlas UI search functionality, Save Search

Description:                  Apache Atlas Multiple XSS Vulnerability

Fix detail:                     Apache Atlas was updated to sanitize the
user input and while rendering

Mitigation:                    Users should upgrade to 2.1.0 or later
version of Apache Atlas

Credit:                         MichaƂ Orzechowski


-------------------------------------------------------------------------------------------------



Thanks,

Keval

Reply via email to