Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter.Referenceshttps://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_managerhttps://my.cloudera.com/knowledge/TSB-2021-488-Cloudera-Manager-is-vulnerable-to-Cross-Site?id=322833
