Vulnerabilities > Apache > Zeppelin > 0.8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-16 | CVE-2021-28655 | Improper Input Validation vulnerability in Apache Zeppelin The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. | 6.5 |
| 2022-12-16 | CVE-2022-46870 | Cross-site Scripting vulnerability in Apache Zeppelin An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Zeppelin allows logged-in users to execute arbitrary javascript in other users' browsers. This issue affects Apache Zeppelin before 0.8.2. | 5.4 |