Apache Spark UI - Cross-Site Scripting

Short Info

Level

Medium

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

11 days 1 hour

Scan only one

URL

Toolbox

-

Apache Spark UI before 2.3.2 is vulnerable to XSS via unsanitized query string parameters in the /jobs/ endpoint.

References:

Get started to protecting your digital assets

Start trial See the plans