EPSS
Percentile
55.9%
nifi-web-utils is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser via the request attribute value.
github.com/apache/nifi/pull/2908
nifi.apache.org/security.html#CVE-2018-17193