Algosec Fireflow

4 CVEs affecting Algosec Fireflow. Latest disclosed: 2024-02-15. Critical: 0, High: 0.

Top CVEs affecting Algosec Fireflow
CVESeverityScorePublishedSummary
CVE-2022-36783Medium6.52022-10-25AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS) A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result…
CVE-2023-46595Medium5.92023-11-02Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor allows an attacker to obtain victim’s domain credentials and Net-NTLM hash which can le…
CVE-2023-46596Medium5.12024-02-15 Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60…
CVE-2014-41642014-06-16Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to Se…