2 matches found
CVE-2020-1933
A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. Malicious scripts could be injected to the UI through action by an unaware authenticated user in Firefox. Did not appear to occur in other browsers...
CVE-2020-1933
CVE-2020-1933 describes a cross-site scripting (XSS) vulnerability in Apache NiFi, affecting versions 1.0.0 through 1.10.0. According to the provided documents, the issue allows an authenticated user to inject malicious scripts into the UI via actions performed in Firefox; other browsers do not a...