CVE-2020-1933
CVSS v3.1
6.1 (Medium)
CVSS v2.0
4.3 (Medium)
EPSS
0.16 % (53th)
Affected Products
2
Advisories
1
A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. Malicious scripts could be injected to the UI through action by an unaware authenticated user in Firefox. Did not appear to occur in other browsers.
Weaknesses
- CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE Status
- PUBLISHED
- CNA
- Apache Software Foundation
- Published Date
-
2020-01-28 01:15:12
(4 years ago) - Updated Date
-
2020-01-29 20:09:51
(4 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...