Apache Spark UI - Cross-Site Scripting
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
10 days 22 hours
Scan only one
URL
Toolbox
-
Apache Spark UI before 2.3.2 is vulnerable to XSS via unsanitized query string parameters in the /jobs/ endpoint.
References: