CVE-2017-7665

Summary

In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain user input components in the UI which had been guarding for some forms of XSS issues but were insufficient.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache NiFi0.0.1 to 0.7.3affected
Apache Software FoundationApache NiFi1.0.0 to 1.2.0affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References