4 matches found
CVE-2026-42228 n8n: Hijacking of Unauthenticated Chat Execution
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated...
n8n 安全漏洞
n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.32, 2.17.4, and 2.18.1 contained security vulnerabilities. These vulnerabilities stemmed from the /chatWebSocket endpoint in the Chat Trigger node’s Hosted Chat feature, which did not verify...
GHSA-F77H-J2V7-G6MW n8n Vulnerable to Hijacking of Unauthenticated Chat Execution
Impact The /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated remote attacker who could identify a valid execution ID for a workflow in a waiting state cou...
n8n Vulnerable to Hijacking of Unauthenticated Chat Execution
Impact The /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated remote attacker who could identify a valid execution ID for a workflow in a waiting state cou...