In the TransformXML processor of Apache NiFi prior to 1.15.1 an authenticated user could configure an XSLT file which, if it included malicious external entity calls, may reveal sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache nifi |