CVE-2024-12871 Stored Cross-site Scripting (XSS) in infiniflow/ragflow

An XSS vulnerability in infiniflow/ragflow version 0.12.0 allows an attacker to upload a malicious PDF file to the knowledge base. When the file is viewed within Ragflow, the payload is executed in the context of the user's browser. This can lead to session hijacking, data exfiltration, or...

CVE-2024-12871 Stored Cross-site Scripting (XSS) in infiniflow/ragflow

An XSS vulnerability in infiniflow/ragflow version 0.12.0 allows an attacker to upload a malicious PDF file to the knowledge base. When the file is viewed within Ragflow, the payload is executed in the context of the user's browser. This can lead to session hijacking, data exfiltration, or...

CVE-2024-12871

CVE-2024-12871 describes a stored XSS in infiniflow/ragflow (0.12.0) where uploading a malicious PDF to the knowledge base leads to payload execution when viewed in Ragflow. The impact stated across sources includes session hijacking, data exfiltration, and unauthorized actions performed in the u...

CVE-2024-12450 RCE, Full Read SSRF, and Arbitrary File Read in infiniflow/ragflow

In infiniflow/ragflow versions 0.12.0, the webcrawl function in documentapp.py contains multiple vulnerabilities. The function does not filter URL parameters, allowing attackers to exploit Full Read SSRF by accessing internal network addresses and viewing their content through the generated PDF...

CVE-2024-12870 Stored Cross-site Scripting (XSS) in infiniflow/ragflow

A stored cross-site scripting XSS vulnerability exists in infiniflow/ragflow, affecting the latest commit on the main branch cec2080. The vulnerability allows an attacker to upload HTML/XML files that can host arbitrary JavaScript payloads. These files are served with the 'application/xml' conten...

CVE-2024-12870 Stored Cross-site Scripting (XSS) in infiniflow/ragflow

A stored cross-site scripting XSS vulnerability exists in infiniflow/ragflow, affecting the latest commit on the main branch cec2080. The vulnerability allows an attacker to upload HTML/XML files that can host arbitrary JavaScript payloads. These files are served with the 'application/xml' conten...

CVE-2024-12870

CVE-2024-12870 describes a stored XSS in infiniflow/ragflow on the main branch (commit cec2080). The vulnerability allows uploading HTML/XML files served as application/xml, which browsers render, enabling arbitrary JavaScript execution in the user’s browser. Impact stated: potential cookie theft...

CVE-2024-12433 Remote Code Execution in infiniflow/ragflow

A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-token4kevinhu'' which can be easily fetched by attackers to join the group communication without restrictions. Additionally, the serve...

CVE-2024-12433 Remote Code Execution in infiniflow/ragflow

A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-token4kevinhu'' which can be easily fetched by attackers to join the group communication without restrictions. Additionally, the serve...

CVE-2024-12433

CVE-2024-12433 affects infiniflow/ragflow v0.12.0. The RPC server uses a hard-coded AuthKey (authkey=b'infiniflow-token4kevinhu') and deserializes incoming data with pickle.loads() on connection.recv(), enabling remote code execution. Fixed in v0.14.0. A PoC/proof-of-concept is available in publi...

CVE-2024-12880 Partial Account Takeover due to Insecure Data Querying in infiniflow/ragflow

A vulnerability in infiniflow/ragflow version RAGFlow-0.13.0 allows for partial account takeover via insecure data querying. The issue arises from the way tenant IDs are handled in the application. If a user has access to multiple tenants, they can manipulate their tenant access to query and acce...

CVE-2024-12880

The CVE-2024-12880 entry concerns infiniflow/ragflow (RAGFlow-0.13.0) with a vulnerability in tenant ID handling that enables partial account takeover. If a user has access to multiple tenants, they can manipulate tenant access to query and obtain other tenants’ API tokens via endpoints: /v1/syst...

RAGFlow 授权问题漏洞

RAGFlow is an open source RAG engine based on deep document understanding from InfiniFlow Open Source. An authorization issue vulnerability exists in RAGFlow version 0.13.0, which stems from not handling tenant IDs correctly and could lead to partial account takeover...

RAGFlow 安全漏洞

RAGFlow is an open source RAG engine based on deep document understanding from InfiniFlow Open Source. A security vulnerability exists in RAGFlow version 0.12.0, which stems from unvalidated PDF file content and could lead to a cross-site scripting attack...

RAGFlow 跨站脚本漏洞

RAGFlow is an open source RAG engine based on deep document understanding from InfiniFlow Open Source. A cross-site scripting vulnerability exists in RAGFlow cec2080 version, which stems from unvalidated file content and could lead to a stored cross-site scripting attack...

RAGFlow 安全漏洞

RAGFlow is an open source RAG engine based on deep document understanding from InfiniFlow Open Source. A security vulnerability exists in RAGFlow version v0.12.0 that stems from not properly validating authentication, which could lead to a privacy breach...

RAGFlow 安全漏洞

RAGFlow is an open source RAG engine based on deep document understanding from InfiniFlow Open Source. A security vulnerability exists in RAGFlow version 0.12.0 that stems from unfiltered URL parameters and the use of an outdated version of Chromium, which could lead to full-read SSRF and remote...

RAGFlow 代码问题漏洞

RAGFlow is an open source RAG engine based on deep document understanding from InfiniFlow Open Source. A code issue vulnerability exists in RAGFlow version v0.12.0, which stems from hard-coded AuthKey and pickle deserialization and could lead to remote code execution...

RAGFlow 安全漏洞

RAGFlow is an open source RAG engine based on deep document understanding from InfiniFlow Open Source. A security vulnerability exists in RAGFlow version 0.12.0 that originates from an unvalidated URL and could lead to a server-side request forgery attack...

PT-2025-12136 · Unknown +1 · Infiniflow/Ragflow +1

Name of the Vulnerable Software and Affected Versions: infiniflow/ragflow version 0.12.0 Description: The web crawl function in document app.py contains multiple vulnerabilities. The function does not filter URL parameters, allowing attackers to exploit Full Read SSRF by accessing internal networ...