Cross-site scripting (XSS) vulnerability in the create user functionality in the policy admin tool in Apache Ranger before 0.6.1 allows remote authenticated administrators to inject arbitrary web script or HTML via vectors related to policies.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/92577 | Third Party Advisory VDB Entry |
https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2016-09-26T14:00:00
Updated: 2016-09-26T13:57:01
Reserved: 2016-06-10T00:00:00
Link: CVE-2016-5395
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-09-26T14:59:04.210
Modified: 2016-09-27T15:54:20.937
Link: CVE-2016-5395
JSON object: View
Redhat Information
No data.
CWE