4 matches found
EUVD-2025-210289
Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...
EUVD-2025-31028
Malicious code in bioql PyPI...
HCL Technologies HCL Verse 跨站脚本漏洞
HCL Technologies HCL Verse is a mobile application for accessing emails and life plan management from HCL Technologies, USA. HCL Technologies HCL Verse has a security vulnerability that stems from the presence of a stored cross-site scripting XSS vulnerability. The vulnerability can be exploited ...
CVE-2022-47715
In Last Yard 22.09.8-1, the cookie can be stolen via via unencrypted traffic...