← back
CVE-2016-8748

CVE-2016-8748

EPSS 1.8%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
19 Oct 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. The user supplied text was not being properly handled when added to the DOM.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →