Arbitrary File Deletion Vulnerability in Apache Zeppelin's Move folder to Trash Feature

Arbitrary File Deletion Vulnerability in Apache Zeppelin's Move folder to Trash Feature

CVE-2021-28655 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

Learn more about our Cis Benchmark Audit For Apache Http Server.