Apache Nifi is vulnerable to cross-site scripting (XSS) vulnerability in connection details dialog when accessed by an authorized user. It does not properly handle the user supplied text when added to the DOM.
CPE | Name | Operator | Version |
---|---|---|---|
nifi | le | 1.12.1 | |
nifi-framework-core | le | 1.12.0 | |
nifi | le | 1.12.1 | |
nifi-framework-core | le | 1.12.0 |