Описание
Cross-site Scripting in Apache NiFi
In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. The user supplied text was not being properly handled when added to the DOM.
Пакеты
Наименование
org.apache.nifi:nifi
maven
Затронутые версииВерсия исправления
< 1.0.1
1.0.1
Наименование
org.apache.nifi:nifi
maven
Затронутые версииВерсия исправления
>= 1.1.0, < 1.1.1
1.1.1
Связанные уязвимости
CVSS3: 5.4
nvd
больше 8 лет назад
In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. The user supplied text was not being properly handled when added to the DOM.