A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. Malicious scripts could be injected to the UI through action by an unaware authenticated user in Firefox. Did not appear to occur in other browsers.
References
Link | Resource |
---|---|
https://nifi.apache.org/security.html#CVE-2020-1933 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2020-01-28T00:33:32
Updated: 2020-01-28T00:33:32
Reserved: 2019-12-02T00:00:00
Link: CVE-2020-1933
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-01-28T01:15:12.550
Modified: 2020-01-29T20:09:51.507
Link: CVE-2020-1933
JSON object: View
Redhat Information
No data.
CWE