CVE-2025-3884
- EPSS 12.92%
- Published 22.05.2025 00:49:29
- Last modified 15.08.2025 16:40:19
Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cloudera Hue. Authentication is not required to exploit this v...
CVE-2021-29994
- EPSS 0.66%
- Published 08.11.2021 13:15:07
- Last modified 21.11.2024 06:02:07
Cloudera Hue 4.6.0 allows XSS.
CVE-2021-32481
- EPSS 0.46%
- Published 08.11.2021 13:15:07
- Last modified 21.11.2024 06:07:07
Cloudera Hue 4.6.0 allows XSS via the type parameter.
CVE-2015-8094
- EPSS 0.46%
- Published 22.05.2018 18:29:00
- Last modified 21.11.2024 02:38:00
Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter.
CVE-2016-4946
- EPSS 0.2%
- Published 07.03.2017 16:59:00
- Last modified 20.04.2025 01:37:25
Multiple cross-site scripting (XSS) vulnerabilities in Cloudera HUE 3.9.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) First name or (2) Last name field in the HUE Users page.
CVE-2016-4947
- EPSS 0.29%
- Published 07.03.2017 16:59:00
- Last modified 20.04.2025 01:37:25
Cloudera HUE 3.9.0 and earlier allows remote attackers to enumerate user accounts via a request to desktop/api/users/autocomplete.