Vulnerabilities > Apache > Knox > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-17 | CVE-2021-42357 | Cross-site Scripting vulnerability in Apache Knox When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. | 6.1 |
2017-05-26 | CVE-2017-5646 | Origin Validation Error vulnerability in Apache Knox For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox. | 6.8 |