CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi
CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi Apache NiFi 1210 through 1230 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs An authenticated and authorized user can bypass connection URL validation using cu