CVE-2017-3155
MEDIUMApache Atlas 0.6.0-incubating and 0.7.0-incubating - Cross-Site Scripting
Title source: llmDescription
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting.
References (2)
Core 2
Core References
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea%40%3Cdev.atlas.apache.org%3E
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/100587
Scores
CVSS v3
6.1
EPSS
0.0194
EPSS Percentile
83.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (5)
apache/atlas
0.6.0 (3 CPE variants)
apache/atlas
0.7.0 (3 CPE variants)
Apache Software Foundation/Apache Atlas
0.6.0-incubating
Apache Software Foundation/Apache Atlas
0.7.0-incubating
org.apache.atlas/atlas-common
0.6.0-incubating - 0.7.1-incubatingMaven
Published
Aug 29, 2017
Tracked Since
Feb 18, 2026