XML External Entities (XXE)
nifi-lookup-services is vulnerable to XML external entities XXE. The vulnerability exists as the XMLFileLookupService allowed trusted users to use a malicious XML file to cause information such as the versions of Java, Jersey, and Apache to be revealed...