Origin Validation Error
CVE-2017-7667
Summary
Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- NONE
- NONE
CWE-346 - Origin Validation Error
The software does not properly verify that the source of data or communication is valid.
References
Advisory Timeline
- Published
