2 matches found
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes over the /api/v1/chatflows endpoint. A user can gain unauthorized access to and modify sensitive attributes, such as deployment...
MAL-2022-5821 Malicious code in rm-deployment-status-enhancer-tab (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7c5e5770454ab46c88e70de8023cfedded6f5d20f4d7f530c16f9d1362cb2f01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...