CVE-2019-10070

Name of the Vulnerable Software and Affected Versions Apache Atlas versions 0.8.3 and 1.1.0

Description The issue is related to the lack of input data sanitization in the Apache Atlas metadata management system. This can be exploited by a remote attacker to perform cross-site scripting attacks, specifically Stored Cross-Site Scripting in the search functionality.

Recommendations For Apache Atlas version 0.8.3, update to a version that includes input sanitization to prevent cross-site scripting attacks. For Apache Atlas version 1.1.0, apply the necessary patches or configuration changes to ensure proper input data cleaning in the search functionality. At the moment, there is no information about a newer version that contains a fix for this vulnerability.