19 matches found
CVE-2024-12450
In infiniflow/ragflow versions 0.12.0, the webcrawl function in documentapp.py contains multiple vulnerabilities. The function does not filter URL parameters, allowing attackers to exploit Full Read SSRF by accessing internal network addresses and viewing their content through the generated PDF...
CVE-2024-12870
A stored cross-site scripting XSS vulnerability exists in infiniflow/ragflow, affecting the latest commit on the main branch cec2080. The vulnerability allows an attacker to upload HTML/XML files that can host arbitrary JavaScript payloads. These files are served with the 'application/xml' conten...
CVE-2024-12433
A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-token4kevinhu'' which can be easily fetched by attackers to join the group communication without restrictions. Additionally, the serve...
CVE-2024-12433
A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-token4kevinhu'' which can be easily fetched by attackers to join the group communication without restrictions. Additionally, the serve...
CVE-2024-12779 SSRF in infiniflow/ragflow
A Server-Side Request Forgery SSRF vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the POST /v1/llm/addllm and POST /v1/conversation/tts endpoints. Attackers can specify an arbitrary URL as the apibase when adding an OPENAITTS model, and subsequently...
CVE-2024-12869 Improper Authentication in infiniflow/ragflow
In infiniflow/ragflow version v0.12.0, there is an improper authentication vulnerability that allows a user to view another user's invite list. This can lead to a privacy breach where users' personal or private information, such as email addresses or usernames in the invite list, could be exposed...
CVE-2024-12871
CVE-2024-12871 describes a stored XSS in infiniflow/ragflow (0.12.0) where uploading a malicious PDF to the knowledge base leads to payload execution when viewed in Ragflow. The impact stated across sources includes session hijacking, data exfiltration, and unauthorized actions performed in the u...
CVE-2024-12870
CVE-2024-12870 describes a stored XSS in infiniflow/ragflow on the main branch (commit cec2080). The vulnerability allows uploading HTML/XML files served as application/xml, which browsers render, enabling arbitrary JavaScript execution in the user’s browser. Impact stated: potential cookie theft...
CVE-2024-12870 Stored Cross-site Scripting (XSS) in infiniflow/ragflow
A stored cross-site scripting XSS vulnerability exists in infiniflow/ragflow, affecting the latest commit on the main branch cec2080. The vulnerability allows an attacker to upload HTML/XML files that can host arbitrary JavaScript payloads. These files are served with the 'application/xml' conten...
CVE-2024-12870 Stored Cross-site Scripting (XSS) in infiniflow/ragflow
A stored cross-site scripting XSS vulnerability exists in infiniflow/ragflow, affecting the latest commit on the main branch cec2080. The vulnerability allows an attacker to upload HTML/XML files that can host arbitrary JavaScript payloads. These files are served with the 'application/xml' conten...
CVE-2024-12433 Remote Code Execution in infiniflow/ragflow
A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-token4kevinhu'' which can be easily fetched by attackers to join the group communication without restrictions. Additionally, the serve...
CVE-2024-12433 Remote Code Execution in infiniflow/ragflow
A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-token4kevinhu'' which can be easily fetched by attackers to join the group communication without restrictions. Additionally, the serve...
CVE-2024-12880
The CVE-2024-12880 entry concerns infiniflow/ragflow (RAGFlow-0.13.0) with a vulnerability in tenant ID handling that enables partial account takeover. If a user has access to multiple tenants, they can manipulate tenant access to query and obtain other tenants’ API tokens via endpoints: /v1/syst...
PT-2025-12136 · Unknown +1 · Infiniflow/Ragflow +1
Name of the Vulnerable Software and Affected Versions: infiniflow/ragflow version 0.12.0 Description: The web crawl function in document app.py contains multiple vulnerabilities. The function does not filter URL parameters, allowing attackers to exploit Full Read SSRF by accessing internal networ...
CVE-2024-10131
The addllm function in llmapp.py in infiniflow/ragflow version 0.11.0 contains a remote code execution RCE vulnerability. The function uses user-supplied input req'llmfactory' and req'llmname' to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to...
CVE-2024-10131
The addllm function in llmapp.py in infiniflow/ragflow version 0.11.0 contains a remote code execution RCE vulnerability. The function uses user-supplied input req'llmfactory' and req'llmname' to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to...
CVE-2024-10131 Remote Code Execution in infiniflow/ragflow
The addllm function in llmapp.py in infiniflow/ragflow version 0.11.0 contains a remote code execution RCE vulnerability. The function uses user-supplied input req'llmfactory' and req'llmname' to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to...
CVE-2024-10131 Remote Code Execution in infiniflow/ragflow
The addllm function in llmapp.py in infiniflow/ragflow version 0.11.0 contains a remote code execution RCE vulnerability. The function uses user-supplied input req'llmfactory' and req'llmname' to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to...
PT-2024-16051 · Infiniflow · Ragflow
Name of the Vulnerable Software and Affected Versions: infiniflow/ragflow version 0.11.0 Description: The issue concerns a remote code execution vulnerability in the add llm function, located in llm app.py. This function utilizes user-supplied input, specifically req'llm factory' and req'llm name...