Vulnerability CVE-2022-45470


Published: 2022-11-21

Description:
** UNSUPPORTED WHEN ASSIGNED ** missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://lists.apache.org/thread/ztvoshd4kxvp5vlro52mpgpfxct4ft8l
http://www.openwall.com/lists/oss-security/2022/11/21/1

Copyright 2022, cxsecurity.com

 

Back to Top