[ https://issues.apache.org/jira/browse/YARN-10336?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17177233#comment-17177233 ]
Hemanth Boyina commented on YARN-10336: --------------------------------------- +1 , will commit shortly > RM page should throw exception when command injected in RM REST API to get > applications > --------------------------------------------------------------------------------------- > > Key: YARN-10336 > URL: https://issues.apache.org/jira/browse/YARN-10336 > Project: Hadoop YARN > Issue Type: Bug > Reporter: Rajshree Mishra > Assignee: Bilwa S T > Priority: Major > Attachments: CommandInject.jpg, RM_UI.jpg, YARN-10336.001.patch, > YARN-10336.002.patch, YARN-10336.003.patch, testproof.png > > > Using a web application attacking, we see that injecting commands like > ACCEPTED, FAILED and FINISHED to RM REST API does not throw an exception. > Refer images. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org