Apache Spark UI - Cross-Site Scripting

Short Info

Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 10 days 22 hours
Scan only one: URL
Toolbox: -

Apache Spark UI before 2.3.2 is vulnerable to XSS via unsanitized query string parameters in the /jobs/ endpoint.

