Cross-Site Scripting (XSS) Vulnerability in HDFS Web UI in Apache Hadoop

Cross-Site Scripting (XSS) Vulnerability in HDFS Web UI in Apache Hadoop

CVE-2017-3161 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.

Learn more about our Cis Benchmark Audit For Apache Http Server.