Tag Archive: CVE-2018-5798

Mar 23 2025

CVE-2018-5798 – Cross-site scripting vulnerability in Cloudera Manager – Part 2

Author: Shafeeque Olassery Kunnikkal | Category: Cross Site Scripting, CVE-2018-5798, Cyber Security | Leave a Comment

Below is the details of the reflected XSS , I have found in Cloudera Enterprise. More details can be found here :-  https://www.cloudera.com/documentation/other/securitybulletins/topics/Security-Bulletin.html#DOCS-3186 Login to Cloudera manager using credentialsadmin:admin 1. Navigate the following URL which includes the XSS Payload.

Continue Reading
Mar 23 2025

CVE-2018-5798 – Cross-site scripting vulnerability in Cloudera Manager – Part 1

Author: Shafeeque Olassery Kunnikkal | Category: Cross Site Scripting, CVE-2018-5798, Cyber Security, Vulnerability Assessment | Leave a Comment

Below is the details of the reflected XSS , I have found in Cloudera Enterprise. There were multiple XSS was reported and will be publishing this details in subsequent posts. More details can be found here :- https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#DOCS-3186 Login to Cloudera manager using credentialsadmin:admin or cloudera:cloudera We need to intercept the HTTP traffic so launch…..

Continue Reading

Categories

Tags

CVE-2018-5798 Black Box Penetration Testing Cloudera Enterprise Cloudera Manager Computer Forensics CVE-2018-1528 XSS SDR Computer Forensics Degree Ethical Hacking Grey Box Penetration Testing CubicSDR Information Security Education Phishing Clickjacking zero-knowledge testing Career Options Cyber Security Degree Social Engineering complete-knowledge testing Career E-Books partial-knowledge testing Reflected XSS Vulnerability Assessment Cyber Security White Box Penetration Testing Email Fraud IBM Maximo Asset Management Penetration Testing

Archives