Flowise Authentication Bypass

An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

N/A

Flowise 安全漏洞

Flowise是FlowiseAI开源的一个用于轻松构建 LLM 应用程序的工具。 Flowise 1.8.2版本存在安全漏洞。攻击者利用该漏洞以管理员身份访问API端点。

N/A

N/A