Latest Vulnerabilities and Exploits



CVE ID:

CVE-2022-45470

Details:

** UNSUPPORTED WHEN ASSIGNED ** missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed.

References:

:https://lists.apache.org/thread/ztvoshd4kxvp5vlro52mpgpfxct4ft8l
:https://lists.apache.org/thread/ztvoshd4kxvp5vlro52mpgpfxct4ft8l
MLIST:[oss-security] 20221121 -2022-45470: Apache Hama allows XSS and information disclosure
:http://www.openwall.com/lists/oss-security/2022/11/21/1

ZeroDayLab Assigned Tags:

CROSS SITE SCRIPTING - What is Cross Site Scripting?