Description
The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.
Remediation
References
https://lists.apache.org/thread/bxs056g3xlsofz0jb3wny9dw4llwptd2
Related Vulnerabilities
CVE-2021-43980 Vulnerability in maven package org.apache.tomcat:tomcat
CVE-2020-7019 Vulnerability in maven package org.elasticsearch.plugin:x-pack
CVE-2022-45143 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2019-10376 Vulnerability in maven package org.jenkins-ci.plugins:jenkinswalldisplay
CVE-2023-40013 Vulnerability in npm package external-svg-loader