Cross-Site Scripting Vulnerability in Apache NiFi Connection Details Dialog
CVE-2016-8748 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. The user supplied text was not being properly handled when added to the DOM.
Learn more about our Cis Benchmark Audit For Apache Http Server.