CVE-2024-46910

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Feb 13, 2025

CWE ID 80

Summary

CVE-2024-46910 is a vulnerability that grants authenticated users the ability to execute Cross-Site Scripting (XSS) attacks on Apache Atlas, potentially allowing them to impersonate other users. This issue affects Apache Atlas versions 2.3.0 and earlier. To mitigate this risk, users are advised to upgrade to the latest version, 2.4.0, which includes the necessary security patch. This XSS flaw could lead to serious consequences, including unauthorized access or data theft, making the upgrade an urgent priority for affected organizations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ymwbbr
https://www.cve.org/CVERecord?id=CVE-2024-46910
https://nvd.nist.gov/vuln/detail/CVE-2024-46910

Back to Vulnerability Database

CVE-2024-46910

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations