nifi-web-ui is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary JavaScript due to the library insufficient validation on user input when creating SlickGrid
tables
CPE | Name | Operator | Version |
---|---|---|---|
nifi-web-ui | le | 1.2.0 | |
nifi-web-ui | le | 0.7.2 | |
nifi-framework-core | le | 1.2.0 |