5 matches found
GHSA-6WP6-22X5-RR3W Flowise vulnerable to code injection via api/v1
An issue in FlowiseAI Inc Flowise prior to v1.8.1 allows a remote attacker to execute arbitrary code via a crafted script to the api/v1 component...
Flowise vulnerable to code injection via api/v1
An issue in FlowiseAI Inc Flowise prior to v1.8.1 allows a remote attacker to execute arbitrary code via a crafted script to the api/v1 component...
CVE-2024-31621
An issue in FlowiseAI Inc Flowise v.1.6.2 and before allows a remote attacker to execute arbitrary code via a crafted script to the api/v1 component...
PT-2024-24158
Name of the Vulnerable Software and Affected Versions FlowiseAI Inc Flowise versions 1.6.2 and before FlowiseAI Inc Flowise versions prior to 1.8.1 Description An issue in FlowiseAI Inc Flowise allows a remote attacker to execute arbitrary code via a crafted script sent to the /api/v1 component...
CVE-2024-31621
CVE-2024-31621 affects Flowise Flowise v1.6.2 and earlier, with multiple sources describing an authentication bypass (notably in Flowise = 1.6.6 / 1.8.1+ per other reports). If exploitation details are present, they confirm remote code execution via /api/v1; otherwise, exploitation specifics are ...