Vulnerabilities > Apache > Druid > 0.22.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-07 | CVE-2021-44791 | Cross-site Scripting vulnerability in Apache Druid In Apache Druid 0.22.1 and earlier, certain specially-crafted links result in unescaped URL parameters being sent back in HTML responses. | 4.3 |
2022-07-07 | CVE-2022-28889 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apache Druid In Apache Druid 0.22.1 and earlier, the server did not set appropriate headers to prevent clickjacking. | 4.3 |