CVE-2024-24683: Apache Hop Engine: ID isn’t escaped when generating HTML

CVE-2024-24683: Apache Hop Engine: ID isn’t escaped when generating HTML

Open Source Security [[{„value“:“

Posted by Hans Van Akelyen on Mar 18

Severity: low

Affected versions:

– Apache Hop Engine before 2.8.0

Description:

Improper Input Validation vulnerability in Apache Hop Engine.This issue affects Apache Hop Engine: before 2.8.0.

Users are recommended to upgrade to version 2.8.0, which fixes the issue.

When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to the user was
not properly escaped.
The variable not properly escaped…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert