Gyujin

**Name of the Vulnerable Software and Affected Versions** Apache Ranger version 2.4.0 **Description** A Stored XSS issue exists in the Edit Service Page of the Apache Ranger UI. This allows for malicious script execution. Users are advised to upgrade to Apache Ranger version 2.5.0 to resolve the issue. **Recommendations** For Apache Ranger version 2.4.0, upgrade to version 2.5.0 to fix the issue. As a temporary workaround, consider restricting access to the Edit Service Page in the Apache Ranger UI until the upgrade can be applied.

Name of the Vulnerable Software and Affected Versions: Apache Ranger versions 2.4.0 Description: A Server-Side Request Forgery (SSRF) issue exists in the Edit Service Page of the Apache Ranger UI. Users are recommended to upgrade to version Apache Ranger 2.5.0 to resolve this issue. Recommendations: Apache Ranger version 2.4.0: Upgrade to Apache Ranger version 2.5.0 to fix the SSRF vulnerability.