Apache NiFi Same-Origin Policy Bypass Vulnerability

Apache NiFi Same-Origin Policy Bypass Vulnerability

CVE-2017-7667 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin.

Learn more about our Web Application Penetration Testing UK.