2 matches found
Cross-site Scripting (XSS)
Overview n8n-editor-ui is a Workflow Editor UI for n8n Affected versions of this package are vulnerable to Cross-site Scripting XSS via the clientname parameter in the MCP OAuth client registration process. An attacker can execute arbitrary JavaScript in a victim's authenticated browser session b...
Open Redirect
Overview n8n-editor-ui is a Workflow Editor UI for n8n Affected versions of this package are vulnerable to Open Redirect via the handleDeny process. An attacker can redirect users to an external, attacker-controlled site by registering arbitrary redirecturi values and enticing victims to interact...