[ https://issues.apache.org/jira/browse/YARN-6352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15942263#comment-15942263 ]
Varun Saxena commented on YARN-6352: ------------------------------------ Will have a look today. > Header injections are possible in the application proxy servlet > --------------------------------------------------------------- > > Key: YARN-6352 > URL: https://issues.apache.org/jira/browse/YARN-6352 > Project: Hadoop YARN > Issue Type: Bug > Components: resourcemanager, security > Affects Versions: 2.8.0, 2.7.3 > Reporter: Naganarasimha G R > Assignee: Naganarasimha G R > Attachments: headerInjection.png, YARN-6352.001.patch, > YARN-6352-branch-2.002.patch, YARN-6352-branch-2.003.patch > > > This issue was found in WVS security tool. -- This message was sent by Atlassian JIRA (v6.3.15#6346) --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org