Paulo Pacheco

**Name of the Vulnerable Software and Affected Versions** Apache Zeppelin versions prior to 0.9.0 **Description** The issue is a Cross Site Scripting vulnerability in the markdown interpreter of Apache Zeppelin, allowing an attacker to inject malicious scripts. **Recommendations** For versions prior to 0.9.0, update to version 0.9.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the markdown interpreter until a patch is applied.