2 matches found
Cross-site Scripting (XSS)
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Cross-site Scripting XSS via the chat logs, due to improper input sanitization. An attacker can access sensitive information or impersonate an administrator by injecting malicious HTML or scripts into chat...
Cross-site Scripting (XSS)
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Cross-site Scripting XSS via insufficient input filtering of input by web applications such as chat box and agent workflow processes. An attacker can execute arbitrary JavaScript code in the victim's browse...