Description
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7799 https://github.com/apache/inlong/pull/7799 to solve it.
Remediation
References
https://lists.apache.org/thread/1osd2k3t3qol2wdsswqtr9gxdkf78n00
Related Vulnerabilities
CVE-2022-34805 Vulnerability in maven package org.jenkins-ci.plugins:skype-notifier
CVE-2023-5763 Vulnerability in maven package org.glassfish.main.orb:orb-connector
CVE-2020-2298 Vulnerability in maven package org.jenkins-ci.plugins:nerrvana-plugin
CVE-2023-27490 Vulnerability in npm package next-auth
CVE-2021-22112 Vulnerability in maven package org.springframework.security:spring-security-core