Description
Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and because of that it triggers the XSS vulnerability.
Remediation
References
https://lists.apache.org/thread.html/ra468036f913be41b0c8fea74f91d53e273b0bfa838a4b140a5dcd463%40%3Cuser.atlas.apache.org%3E
Related Vulnerabilities
CVE-2022-22965 Vulnerability in maven package org.springframework.boot:spring-boot-starter-webflux
CVE-2020-2135 Vulnerability in maven package org.jenkins-ci.plugins:script-security
CVE-2023-30529 Vulnerability in maven package org.jenkins-ci.plugins:lucene-search
CVE-2022-31160 Vulnerability in maven package org.webjars.npm:jquery-ui
CVE-2023-35145 Vulnerability in maven package org.jenkins-ci.plugins:sonargraph-integration