[MAPREDUCE-3804] yarn webapp interface vulnerable to cross scripting attacks - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 0.23.0
Fix Version/s: 0.23.1
Component/s: jobhistoryserver, mrv2, resourcemanager
Labels:
None

Target Version/s:

0.23.1
Hadoop Flags:

Reviewed
Release Note:
fix cross scripting attacks vulnerability through webapp interface.

Description

Yarn webapp interface may be vulnerable to certain cross scripting attacks, injected through URL request.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

MAPREDUCE_3804_br_0.23.0.patch
03/Feb/12 22:16
1 kB
Dave Thompson
MAPREDUCE-3804.patch
06/Feb/12 21:22
2 kB
Dave Thompson
MAPREDUCE-3804.patch
03/Feb/12 22:31
1 kB
Dave Thompson

Activity

People

Assignee:: Dave Thompson

Reporter:: Dave Thompson

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 03/Feb/12 21:34

Updated:: 05/Mar/12 02:49

Resolved:: 06/Feb/12 22:42