CVE-2021-28656

Description

Cross-Site Request Forgery (CSRF) vulnerability in Credential page of Apache Zeppelin allows an attacker to submit malicious request. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

References

https://lists.apache.org/thread/dttzkkv4qyn1rq2fdv1r94otb1osxztc

http://www.openwall.com/lists/oss-security/2024/04/09/3

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS