136 matches found
CVE-2025-51462
Stored Cross-site Scripting XSS vulnerability in api.apps.dialogapp.setdialog in RAGFlow 0.17.2 allows remote attackers to execute arbitrary JavaScript via crafted input to the assistant greeting field, which is stored unsanitised and rendered using a markdown component with rehype-raw...
RAGFlow 跨站脚本漏洞
RAGFlow is an open source RAG engine based on deep document understanding by InfiniFlow open source. A security vulnerability exists in RAGFlow version 0.17.2, which stems from a stored cross-site scripting vulnerability in api.apps.dialogapp.setdialog that could lead to the execution of arbitrar...
CVE-2025-51462
Stored Cross-site Scripting XSS vulnerability in api.apps.dialogapp.setdialog in RAGFlow 0.17.2 allows remote attackers to execute arbitrary JavaScript via crafted input to the assistant greeting field, which is stored unsanitised and rendered using a markdown component with rehype-raw...
PT-2025-30456 · Ragflow · Ragflow
Name of the Vulnerable Software and Affected Versions: RAGFlow version 0.17.2 Description: A stored Cross-site Scripting XSS issue exists in the api.apps.dialog app.set dialog function. This allows remote attackers to execute arbitrary JavaScript code through crafted input to the assistant greeti...
CVE-2025-51462
CVE-2025-51462 describes a stored XSS in RAGFlow 0.17.2, via api.apps.dialog_app.set_dialog: crafted input to the assistant greeting field is stored unsanitised and rendered by a markdown component with rehype-raw, enabling execution of arbitrary JavaScript. The vulnerability affects RAGFlow 0.17...
CVE-2025-51462
Stored Cross-site Scripting XSS vulnerability in api.apps.dialogapp.setdialog in RAGFlow 0.17.2 allows remote attackers to execute arbitrary JavaScript via crafted input to the assistant greeting field, which is stored unsanitised and rendered using a markdown component with rehype-raw...
CVE-2024-53450
RAGFlow 0.13.0 suffers from improper access control in document-hooks.ts, allowing unauthorized access to user documents...
CVE-2025-48187
RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute-force attacks against email verification codes to perform arbitrary account registration, login, and password reset. Codes are six digits and there is no rate limiting...
CVE-2025-48187
RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute-force attacks against email verification codes to perform arbitrary account registration, login, and password reset. Codes are six digits and there is no rate limiting...
PT-2025-21792 · Ragflow · Ragflow
Name of the Vulnerable Software and Affected Versions: RAGFlow versions 0.18.1 and earlier Description: The issue allows account takeover due to the possibility of conducting successful brute-force attacks against email verification codes. This enables arbitrary account registration, login, and...
CVE-2025-48187
RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute-force attacks against email verification codes to perform arbitrary account registration, login, and password reset. Codes are six digits and there is no rate limiting...
RAGFlow 安全漏洞
RAGFlow is an open source RAG engine based on deep document understanding from InfiniFlow Open Source. A security vulnerability exists in RAGFlow version 0.18.1 and earlier, which stems from a brute force attack could lead to account takeover...
CVE-2024-12871
An XSS vulnerability in infiniflow/ragflow version 0.12.0 allows an attacker to upload a malicious PDF file to the knowledge base. When the file is viewed within Ragflow, the payload is executed in the context of the user's browser. This can lead to session hijacking, data exfiltration, or...
CVE-2024-12779
A Server-Side Request Forgery SSRF vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the POST /v1/llm/addllm and POST /v1/conversation/tts endpoints. Attackers can specify an arbitrary URL as the apibase when adding an OPENAITTS model, and subsequently...
CVE-2024-12450
In infiniflow/ragflow versions 0.12.0, the webcrawl function in documentapp.py contains multiple vulnerabilities. The function does not filter URL parameters, allowing attackers to exploit Full Read SSRF by accessing internal network addresses and viewing their content through the generated PDF...
CVE-2024-12880
A vulnerability in infiniflow/ragflow version RAGFlow-0.13.0 allows for partial account takeover via insecure data querying. The issue arises from the way tenant IDs are handled in the application. If a user has access to multiple tenants, they can manipulate their tenant access to query and acce...
CVE-2024-12433
A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-token4kevinhu'' which can be easily fetched by attackers to join the group communication without restrictions. Additionally, the serve...
CVE-2024-12870
A stored cross-site scripting XSS vulnerability exists in infiniflow/ragflow, affecting the latest commit on the main branch cec2080. The vulnerability allows an attacker to upload HTML/XML files that can host arbitrary JavaScript payloads. These files are served with the 'application/xml' conten...
CVE-2024-12880
A vulnerability in infiniflow/ragflow version RAGFlow-0.13.0 allows for partial account takeover via insecure data querying. The issue arises from the way tenant IDs are handled in the application. If a user has access to multiple tenants, they can manipulate their tenant access to query and acce...
CVE-2024-12871
An XSS vulnerability in infiniflow/ragflow version 0.12.0 allows an attacker to upload a malicious PDF file to the knowledge base. When the file is viewed within Ragflow, the payload is executed in the context of the user's browser. This can lead to session hijacking, data exfiltration, or...