Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper input validation in FireFlow’s VisualFlow workflow editor
Vulnerability Description
Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version A32.20 (b600 and above), A32.50 (b430 and above), A32.60 (b250 and above)
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Algosec FireFlow 安全漏洞
Vulnerability Description
AlgoSec FireFlow是美国AlgoSec公司的一个安全应用程序。用于自动执行安全策略更改生命周期,从提交更改请求到审核所做更改。 Algosec FireFlow 存在安全漏洞,该漏洞源于输入验证不正确。
CVSS Information
N/A
Vulnerability Type
N/A