GHSA-x3v6-f5fr-4wwv: XSS
First published: Thu Feb 13 2025(Updated: )
An authenticated user can perform XSS and potentially impersonate another user. This issue affects Apache Atlas versions 2.3.0 and earlier. Users are recommended to upgrade to version 2.4.0, which fixes the issue.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| maven/org.apache.atlas:apache-atlas | >=2.0.0<2.4.0 | 2.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of GHSA-x3v6-f5fr-4wwv?
GHSA-x3v6-f5fr-4wwv has a high severity as it allows an authenticated user to perform XSS and potentially impersonate another user.
How do I fix GHSA-x3v6-f5fr-4wwv?
To fix GHSA-x3v6-f5fr-4wwv, upgrade Apache Atlas to version 2.4.0 or later.
Which versions of Apache Atlas are affected by GHSA-x3v6-f5fr-4wwv?
Apache Atlas versions 2.3.0 and earlier are affected by GHSA-x3v6-f5fr-4wwv.
Can the vulnerabilities in GHSA-x3v6-f5fr-4wwv lead to data breaches?
Yes, if exploited, the vulnerabilities in GHSA-x3v6-f5fr-4wwv can potentially lead to data breaches through user impersonation.
Is it necessary to restart my server after fixing GHSA-x3v6-f5fr-4wwv?
Yes, it is recommended to restart your server after upgrading Apache Atlas to ensure the security fix takes effect.
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-x3v6-f5fr-4wwv
- alias/CVE-2024-46910
- agent/software-canonical-lookup
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/references
- agent/source
- agent/description
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/event
- collector/github-advisory
- package-manager/maven