Apache · Apache Oozie · CVE-2025-26796
**Name of the Vulnerable Software and Affected Versions**
Apache Oozie (affected versions not specified)
**Description**
The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This problem affects Apache Oozie, a retired project. As a result, no fix will be released for this issue. Users are advised to find an alternative solution or restrict access to the instance to trusted users to minimize potential risks.
**Recommendations**
As a temporary workaround, consider restricting access to the Apache Oozie instance to trusted users until an alternative solution can be implemented.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.