Vulnerabilities > Apache > Ambari > 2.6.2.2

DATE CVE VULNERABILITY TITLE RISK
2021-03-17 CVE-2020-13924 Path Traversal vulnerability in Apache Ambari
In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files.
network
low complexity
apache CWE-22
7.5
7.5
2021-03-02 CVE-2020-1936 Cross-site Scripting vulnerability in Apache Ambari
A cross-site scripting issue was found in Apache Ambari Views.
network
low complexity
apache CWE-79
6.1
6.1