Description
A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. Malicious scripts could be injected to the UI through action by an unaware authenticated user in Firefox. Did not appear to occur in other browsers.
Remediation
References
https://nifi.apache.org/security.html#CVE-2020-1933
Related Vulnerabilities
CVE-2018-8042 Vulnerability in maven package org.apache.ambari:ambari-agent
CVE-2023-33265 Vulnerability in maven package com.hazelcast:hazelcast-enterprise
CVE-2023-32070 Vulnerability in maven package org.xwiki.platform:xwiki-core-rendering-api
CVE-2022-45393 Vulnerability in maven package org.jenkins-ci.plugins:delete-log-plugin
CVE-2023-50779 Vulnerability in maven package com.cloudtp.jenkins:paaslane-estimate