| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.apache.atlas:atlas-common | maven | >= 0.6.0-incubating, < 0.7.1-incubating | 0.7.1-incubating |

The vulnerability is a DOM XSS in the edit-tag functionality, which implies client-side JavaScript execution without server-side validation. While the exact code isn't available, DOM XSS typically occurs when user-controlled input (such as tag names) is written to the DOM unsafely. The edit-tag feature would require a client-side handler to display and modify tags, making the functions that render tag input the prime candidates. The high confidence comes from: (1) the vulnerability's specificity to edit-tag DOM manipulation; (2) standard XSS patterns in JavaScript UIs; and (3) CWE-79 alignment with unsafe DOM writes.