Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2017-7665

In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain user input components in the UI which had been guarding for some forms of XSS issues but were insufficient.

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
apache / nifi 1.1.0 1.1.0.x
apache / nifi 1.1.1 1.1.1.x
apache / nifi 1.0.0 1.0.0.x
apache / nifi - 0.7.3.x
apache / nifi 1.1.2 1.1.2.x
apache / nifi 1.2.0 1.2.0.x
apache / nifi 1.0.1 1.0.1.x
org.apache.nifi / nifi - 0.7.4
org.apache.nifi / nifi 1.0.0 1.3.0