16 matches found
CVE-2025-57203
MagicProject AI version 9.1 is affected by a Cross-Site Scripting XSS vulnerability within the chatbot generation feature available to authenticated admin users. The vulnerability resides in the prompt parameter submitted to the /dashboard/user/generator/generate-stream endpoint via a...
CVE-2025-57203
MagicProject AI version 9.1 is affected by a Cross-Site Scripting XSS vulnerability within the chatbot generation feature available to authenticated admin users. The vulnerability resides in the prompt parameter submitted to the /dashboard/user/generator/generate-stream endpoint via a...
CVE-2025-57203
MagicProject AI version 9.1 is affected by a Cross-Site Scripting XSS vulnerability within the chatbot generation feature available to authenticated admin users. The vulnerability resides in the prompt parameter submitted to the /dashboard/user/generator/generate-stream endpoint via a...
PT-2025-39066
Name of the Vulnerable Software and Affected Versions MagicProject AI version 9.1 Description MagicProject AI version 9.1 is affected by a Cross-Site Scripting XSS issue within the chatbot generation feature accessible to authenticated admin users. The issue is located in the prompt parameter...
GHSA-7GFQ-F96F-G85J langchain vulnerable to arbitrary code execution
An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via the via the a json file to the loadprompt parameter. This is related to subclasses or a template...
PYSEC-2023-151
An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via the via the a json file to the loadprompt parameter...
PT-2023-25510 · Langchain · Langchain
Name of the Vulnerable Software and Affected Versions: langchain version 0.0.171 Description: An issue in langchain allows a remote attacker to execute arbitrary code via a JSON file to the load prompt parameter. This is related to subclasses or a template. Recommendations: For langchain version...
GHSA-FJ32-Q626-PJJC LangChain vulnerable to arbitrary code execution
An issue in LangChain prior to v.0.0.247 allows a remote attacker to execute arbitrary code via the prompt parameter...
CVE-2023-38860
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
CVE-2023-38860
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
PYSEC-2023-145
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
Code injection
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
PYSEC-2023-145
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
PT-2023-26641 · Langchain · Langchain
Name of the Vulnerable Software and Affected Versions: LangChain versions 0.0.231 through 0.0.246 Description: An issue in LangChain allows a remote attacker to execute arbitrary code via the prompt parameter. This enables the attacker to potentially gain control over the system, leading to sever...
CVE-2023-38860
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
LangChain Code Injection Vulnerability
LangChain is used to build applications using LLM through composability. A security vulnerability exists in LangChain version v.0.0.231 that originates from allowing remote attackers to execute arbitrary code via a prompt parameter...