3 matches found
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service [CVE-2024-52362]
Summary IBM App Connect Enterprise Certified Container DesignerAuthoring does not properly validate the name of a flow, such that invalid names can make a flow inaccesible. This bulletin provides patch information to address the reported vulnerability. CVE-2024-52362 Vulnerability Details...
GHSA-8W65-XJC5-9W79 Cross-Site Scripting in node-red
Versions of node-red prior to 0.20.8are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize the name field in new Flows, allowing attackers to execute arbitrary JavaScript in the victim's browser. Recommendation Upgrade to version 0.18.6 or later...
SQL Injection Vulnerability in OA System of Tianling Network Technology Co.
Tianling Network Technology Co., Ltd. has developed a business process software tool - myApps Rapid Development Platform, which provides customers with solutions for business process management consulting, planning, design, and training. A SQL injection vulnerability exists in the OA system of...