Algosec Fireflow
4 CVEs affecting Algosec Fireflow. Latest disclosed: 2024-02-15. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-36783 | Medium | 6.5 | 2022-10-25 | AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS) A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result… |
CVE-2023-46595 | Medium | 5.9 | 2023-11-02 | Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor allows an attacker to obtain victim’s domain credentials and Net-NTLM hash which can le… |
CVE-2023-46596 | Medium | 5.1 | 2024-02-15 | Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60… |
CVE-2014-4164 | | 2014-06-16 | Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to Se… |