CVE-2024-46910
Apache Atlas: An authenticated user can perform XSS and potentially impersonate another user
7.1
HIGH
CVSS 3.1
EPSS 0.45%
Description
An authenticated user can perform XSS and potentially impersonate another user. This issue affects Apache Atlas versions 2.3.0 and earlier. Users are recommended to upgrade to version 2.4.0, which fixes the issue.
How to fix CVE-2024-46910
To remediate CVE-2024-46910, upgrade the affected package to a fixed version below.
- —upgrade to 2.4.0 or later
Is CVE-2024-46910 being exploited?
Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- >= 2.0.0, < 2.4.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
| osv | CVSS 3.1 | HIGH7.1 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N |