CVE-2017-12623
CVE-2017-12623 concerns Apache NiFi where an authorized user could upload a template containing malicious code and trigger an XML External Entity (XXE) attack to access sensitive files. The root cause is improper handling of XML external entities within uploaded templates. The fixed behavior was ...