Description
Cross-site scripting (XSS) vulnerability in the create user functionality in the policy admin tool in Apache Ranger before 0.6.1 allows remote authenticated administrators to inject arbitrary web script or HTML via vectors related to policies.
Remediation
References
https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger
http://www.securityfocus.com/bid/92577
Related Vulnerabilities
CVE-2021-32624 Vulnerability in npm package keystone
CVE-2018-1999047 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2022-27263 Vulnerability in npm package strapi
CVE-2021-37942 Vulnerability in maven package co.elastic.apm:elastic-apm-agent
CVE-2019-3772 Vulnerability in maven package org.springframework.integration:spring-integration-xml