In Apache NiFi prior to 1.0.1 and 1.1.x prior to 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. The user supplied text was not being properly handled when added to the DOM.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache nifi 1.1.0 |
||
apache nifi |