CVE-2025-26796

Name of the Vulnerable Software and Affected Versions Apache Oozie (affected versions not specified)

Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This problem affects Apache Oozie, a retired project. As a result, no fix will be released for this issue. Users are advised to find an alternative solution or restrict access to the instance to trusted users to minimize potential risks.

Recommendations As a temporary workaround, consider restricting access to the Apache Oozie instance to trusted users until an alternative solution can be implemented. At the moment, there is no information about a newer version that contains a fix for this vulnerability.