Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
n8n Has an Expression Escape Vulnerability Leading to RCE
Vulnerability Description
n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. This issue has been patched in versions 1.123.17 and 2.5.2.
CVSS Information
N/A
Vulnerability Type
动态管理代码资源的控制不恰当
Vulnerability Title
n8n 安全漏洞
Vulnerability Description
n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n 1.123.17之前版本和2.5.2之前版本存在安全漏洞,该漏洞源于经过身份验证的用户可利用工作流参数中的表达式,可能导致主机命令执行。
CVSS Information
N/A
Vulnerability Type
N/A