216.73.216.78

CVE-2025-26796

· Published 22/03/2025 13:15 · Modified 22/03/2025 14:15

Labels: CVE-2025-26796 2025-03-22CVE-2025-26796CWE-79[email protected]

Essential information

Published
22/03/2025 13:15
Modified
22/03/2025 14:15
Author
Creator
CISA KEV
No
CWE

Description

** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Oozie. This issue affects Apache Oozie: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
apache / oozie cpe:2.3:a:apache:oozie:*:*:*:*:*:*:*:*

References