CVE-2022-31777

A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2.1 and earlier, and 3.3.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the UI.
Configurations

Configuration 1

cpe:2.3:a:apache:spark:3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:*

Information

Published : 2022-11-01 04:15

Updated : 2022-11-29 05:58


NVD link : CVE-2022-31777

Mitre link : CVE-2022-31777

Products Affected
No products.
CWE