CVE-2024-41177 Information
Aug 04, 2025
cve
Description
Incomplete Blacklist to Cross-Site Scripting vulnerability in Apache Zeppelin.
This issue affects Apache Zeppelin: before 0.12.0.
Users are recommended to upgrade to version 0.12.0 which fixes the issue.
Reference
https://github.com/apache/zeppelin/pull/4755 https://github.com/apache/zeppelin/pull/4795 https://lists.apache.org/thread/nwh8vh9f3pnvt04n8z4g2kbddh62blr6
Related CNNVD
CNNVD-202508-181 (Published: 2025-08-03)
Share on: