53 matches found
EUVD-2014-4095
Malware in sbrugna...
EUVD-2023-50799
Malicious code in bioql PyPI...
EUVD-2022-39483
Malicious code in bioql PyPI...
CVE-2023-46596
Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version A32.2...
CVE-2023-46596
Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version A32.2...
Input validation
Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version A32.2...
CVE-2023-46596 Improper input validation in FireFlow’s VisualFlow workflow editor
Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version A32.2...
CVE-2023-46596
The CVE-2023-46596 affects AlgoSec FireFlow VisualFlow workflow editor, specifically versions A32.20, A32.50, and A32.60. The root cause is improper input validation in fields Name, Description, and Configuration File, enabling an attacker to inject malicious scripts (XSS) into the application co...
PT-2024-13363 · Algosec · Algosec Fireflow
Name of the Vulnerable Software and Affected Versions: Algosec FireFlow versions A32.20 through A32.60 Description: The issue is related to improper input validation in the VisualFlow workflow editor via the Name, Description, and Configuration File fields. This allows an attacker to initiate an...
AlgoSec FireFlow Cross-Site Scripting Vulnerability
AlgoSec FireFlow is a security application from AlgoSec USA, Inc. It is used to automate the security policy change lifecycle, from submitting a change request to reviewing the changes made. A cross-site scripting vulnerability exists in AlgoSec Fireflow versions A32.20 and A32.50, which stems fr...
CVE-2022-36783
AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...
CVE-2022-36783
AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...
Cross site scripting
AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...
CVE-2022-36783 AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS)
AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...
CVE-2022-36783 AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS)
AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...
CVE-2022-36783
CVE-2022-36783 affects AlgoSec FireFlow with a Reflected Cross-Site-Scripting (RXSS) vector. A malicious user can inject JavaScript into the IntersectudRule parameter on the search/result.html page by changing the request method from POST to GET and sharing the URL with a victim. This results in ...
AlgoSec FireFlow 跨站脚本漏洞
AlgoSec FireFlow is a security application from AlgoSec USA, Inc. It is used to automate the security policy change lifecycle, from submitting a change request to reviewing the changes made. A security vulnerability exists in AlgoSec FireFlow, which stems from a Reflective Cross-Site Scripting...
AlgoSec Detection
Detection of AlgoSec Security Management Solution. The script sends a connection request to the server and attempts to detect AlgoSec and to extract its version. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted...
CVE-2014-4164
Cross-site scripting XSS vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html...
Cross site scripting
Cross-site scripting XSS vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html...