Apache Ambari Prior to 2.7.8 Vulnerable to XSS Attacks
CVE-2023-50378

Currently unrated

Key Information:

Vendor: Apache
Status: Apache Ambari
Vendor: CVE Published:; 1 March 2024

What is CVE-2023-50378?

Lack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8

Impact : As it will be stored XSS, Could be exploited to perform unauthorized actions, varying from data access to session hijacking and delivering malicious payloads.

Users are recommended to upgrade to version 2.7.8 which fixes this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Apache Ambari 2.7.0 <= 2.7.7

References

https://lists.apache.org/thread/6hn0thq743vz9gh283s2d87wz...

vendor-advisory

Timeline

Vulnerability published
Mar 1, 2024
Vulnerability Reserved
Dec 7, 2023

JSON

Apache

What is CVE-2023-50378?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.