CVE-2020-1936

CVE-2020-1936: Stored XSS in Apache Ambari

Vendor Apache Software Foundation

Product Apache Ambari

Weakness CWE-79 · XSS

Published March 2, 2021

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4.

Key dates

02Disclosure timeline

March 2, 2021 CVE published

February 13, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-1936

Related vulnerabilities

04Related CVE

CVE-2023-48300 Embed Privacy missing escaping for show_all attribute in opt-out shortcode CVE-2024-4734 Import and export users and customers <= 1.26.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-2735 Groundhogg <= 2.7.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2025-5753 Valuation Calculator <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via link Parameter CVE-2022-0674 Kunze Law < 2.1 - Admin+ Stored Cross-Site Scripting