{"schema_version": "1.6.1", "id": "CVE-2021-27578", "summary": "Cross Site Scripting in markdown interpreter", "details": "Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts.  This issue affects Apache Zeppelin Apache Zeppelin versions prior to 0.9.0.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "Apache Zeppelin"}, {"fixed": "0.9.0"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread.html/r90590aa5ea788128ecc2e822e1e64d5200b4cb92b06707b38da4cb3d%40%3Cusers.zeppelin.apache.org%3E"}]}