Flowring Agentflow Bpm
3 CVEs affecting Flowring Agentflow Bpm. Latest disclosed: 2022-11-10. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-39036 | Critical | 9.8 | 2022-11-10 | The file upload function of Agentflow BPM has insufficient filtering for special characters in URLs. An unauthenticated remote attacker can exploit this vulner… |
CVE-2022-39038 | High | 8.8 | 2022-11-10 | Agentflow BPM enterprise management system has improper authentication. A remote attacker with general user privilege can change the name of the user account t… |
CVE-2022-39037 | High | 7.5 | 2022-11-10 | Agentflow BPM file download function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentica… |