Cross-Site Scripting Vulnerability in Apache Ranger's Policy Import Functionality

Cross-Site Scripting Vulnerability in Apache Ranger's Policy Import Functionality

CVE-2019-12397 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Policy import functionality in Apache Ranger 0.7.0 to 1.2.0 is vulnerable to a cross-site scripting issue. Upgrade to 2.0.0 or later version of Apache Ranger with the fix.

Learn more about our Cis Benchmark Audit For Apache Http Server.