Stored Cross-Site Scripting (XSS)

n8n is vulnerable to Stored Cross-Site Scripting XSS. The vulnerability is due to improper sanitization of user input in the initialMessages field of the @n8n/n8n-nodes-langchain.chatTrigger component, which allows an attacker to inject malicious JavaScript that executes in the browser of users...

GHSA-MVH4-2CM2-6HPG Stored XSS in n8n LangChain Chat Trigger Node via initialMessages Parameter

Impact A stored Cross-Site Scripting XSS vulnerability was identified in the @n8n/n8n-nodes-langchain.chatTrigger node in n8n. If an authorized user configures the node with malicious JavaScript in the initialMessages field and enables public access, the script will be executed in the browser of...

CVE-2022-44955

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...

webTareas 跨站脚本漏洞

webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A security vulnerability exists in webTareas version 2.4p5, which stems from the discovery of a cross-site scripting XSS...

PT-2022-27355 · Webtareas · Webtareas

Name of the Vulnerable Software and Affected Versions: webtareas version 2.4p5 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field in the Chat function. This enables the execution of malicious code, potentially...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow 1 remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow 2 remote...