12 matches found
CVE-2026-46443
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, when credentials are fetched with a credentialName filter parameter, the encryptedData field is not stripped from the response. The code properly omits encryptedData when no filter is...
CVE-2026-46443
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, when credentials are fetched with a credentialName filter parameter, the encryptedData field is not stripped from the response. The code properly omits encryptedData when no filter is...
CVE-2026-46443 Flowise: Credential Data Leak
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, when credentials are fetched with a credentialName filter parameter, the encryptedData field is not stripped from the response. The code properly omits encryptedData when no filter is...
EUVD-2026-35111
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, when credentials are fetched with a credentialName filter parameter, the encryptedData field is not stripped from the response. The code properly omits encryptedData when no filter is...
EUVD-2023-27175
Malicious code in bioql PyPI...
CVE-2023-23075
Cross Site Scripting XSS vulnerability in Zoho Asset Explorer 6.9 via the credential name when creating a new Assets Workstation...
CVE-2023-23075
Cross Site Scripting XSS vulnerability in Zoho Asset Explorer 6.9 via the credential name when creating a new Assets Workstation...
CVE-2023-23075
Cross Site Scripting XSS vulnerability in Zoho Asset Explorer 6.9 via the credential name when creating a new Assets Workstation...
Cross site scripting
Cross Site Scripting XSS vulnerability in Zoho Asset Explorer 6.9 via the credential name when creating a new Assets Workstation...
CVE-2023-23075
Cross Site Scripting XSS vulnerability in Zoho Asset Explorer 6.9 via the credential name when creating a new Assets Workstation...
PT-2023-18834 · Zoho · Zoho Asset Explorer
Name of the Vulnerable Software and Affected Versions: Zoho Asset Explorer version 6.9 Description: A Cross Site Scripting XSS issue exists in Zoho Asset Explorer via the credential name when creating a new Assets Workstation. This allows for potential malicious script execution. Recommendations:...
CVE-2018-8903
Open-AudIT Professional 2.1 allows XSS via the Name or Description field on the Credentials screen...