6.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
28.6%
In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. The user supplied text was not being properly handled when added to the DOM.
www.securityfocus.com/bid/95621
nifi.apache.org/security.html