6.5 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.6%
In the TransformXML processor of Apache NiFi before 1.15.1 an authenticated user could configure an XSLT file which, if it included malicious external entity calls, may reveal sensitive information.
www.openwall.com/lists/oss-security/2021/12/17/1
nifi.apache.org/security.html#1.15.1-vulnerabilities