CVE-2024-46910

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-46910

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46910.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-46910

Aliases

GHSA-x3v6-f5fr-4wwv

Published

2025-02-13T09:15:09.827Z

Modified

2026-04-10T05:18:02.774486Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N CVSS Calculator

Summary

[none]

Details

An authenticated user can perform XSS and potentially impersonate another user.

This issue affects Apache Atlas versions 2.3.0 and earlier.

Users are recommended to upgrade to version 2.4.0, which fixes the issue.

References

Affected packages

Git / github.com/apache/atlas

Affected ranges

Type

GIT

Repo

https://github.com/apache/atlas

Events

Introduced

Fixed

4787b753271718d0b06cf6545f331f9a12ce1f63

Database specific

{
    "versions": [
        {
            "introduced": "2.0.0"
        },
        {
            "fixed": "2.4.0"
        }
    ]
}

Affected versions

release-2.*

release-2.0.0-rc0

release-2.0.0-rc1

release-2.0.0-rc2

release-2.1.0-rc0

release-2.1.0-rc1

release-2.1.0-rc2

release-2.1.0-rc3

release-2.2.0-rc0

release-2.2.0-rc1

release-2.3.0

release-2.3.0-rc0

release-2.3.0-rc1

release-2.4.0-rc0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46910.json"