Input validation

2017-06-1216:29:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

30.5%

JSON

In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain user input components in the UI which had been guarding for some forms of XSS issues but were insufficient.

CPENameOperatorVersion
nifieq1.1.0
nifieq1.1.1
nifieq1.0.0
nifile0.7.3
nifieq1.1.2
nifieq1.2.0
nifieq1.0.1

Name	Operator	Version
nifi	eq	1.1.0
nifi	eq	1.1.1
nifi	eq	1.0.0
nifi	le	0.7.3
nifi	eq	1.1.2
nifi	eq	1.2.0
nifi	eq	1.0.1

References

www.securityfocus.com/bid/99009

lists.apache.org/thread.html/d779d6129de1a5aa149c219b2fc6e9e78156614eaac92a89cbaf9bce@%3Cdev.nifi.apache.org%3E

0.001 Low

EPSS

Percentile

30.5%

JSON

Related for PRION:CVE-2017-7665