Vulnerabilities > Apache > Nifi > 1.13.2

DATE CVE VULNERABILITY TITLE RISK
2021-12-17 CVE-2021-44145 Information Exposure vulnerability in Apache Nifi
In the TransformXML processor of Apache NiFi before 1.15.1 an authenticated user could configure an XSLT file which, if it included malicious external entity calls, may reveal sensitive information.
network
low complexity
apache CWE-200
6.5