GHSA-m5r7-w9v3-ghmx

Опубликовано: 17 мая 2022

Источник: github

Github: Прошло ревью

CVSS3: 6.1

Описание

Cross-site Scripting in Apache NiFi

In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain user input components in the UI which had been guarding for some forms of XSS issues but were insufficient.

Ссылки

Пакеты

Наименование

org.apache.nifi:nifi

maven

Затронутые версииВерсия исправления

< 0.7.4

0.7.4

Наименование

org.apache.nifi:nifi

maven

Затронутые версииВерсия исправления

>= 1.0.0, < 1.3.0

1.3.0

EPSS

Процентиль: 77%

0.0106

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2017-7665

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-7665

CVSS3: 6.1

nvd

больше 8 лет назад

In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain user input components in the UI which had been guarding for some forms of XSS issues but were insufficient.

EPSS

Процентиль: 77%

0.0106

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2017-7665

Дефекты

CWE-79