14 matches found
CVE-2026-6125
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...
Warm-Flow has a SpEL Expression Injection in SpelHelper.parseExpression
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...
GHSA-822V-8W6H-5JXP Warm-Flow has a SpEL Expression Injection in SpelHelper.parseExpression
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...
CVE-2026-6125
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...
CVE-2026-6125 Dromara warm-flow Workflow Definition save-json SpelHelper.parseExpression code injection
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...
CVE-2026-6125
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...
CVE-2026-6125 Dromara warm-flow Workflow Definition save-json SpelHelper.parseExpression code injection
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...
CVE-2026-6125
Affected software: Dromara warm-flow up to version 1.8.4. Vulnerable component: SpelHelper.parseExpression in /warm-flow/save-json of the Workflow Definition Handler. Issue: argument manipulation of listenerPath/skipCondition/permissionFlag enables code injection. Impact: remote attacker could ex...
PT-2026-32157
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...
CVE-2026-33764
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the AI plugin's save.json.php endpoint loads AI response objects using an attacker-controlled $REQUEST'id' parameter without validating that the AI response belongs to the specified video. An authenticated user wi...
CVE-2026-33764
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the AI plugin's save.json.php endpoint loads AI response objects using an attacker-controlled $REQUEST'id' parameter without validating that the AI response belongs to the specified video. An authenticated user wi...
CVE-2026-33764
CVE-2026-33764 affects WWBN/AVideo up to version 26.0 where the AI plugin’s save.json.php loads AI responses by attacker-controlled IDs (ai_metatags_responses_id and ai_transcribe_responses_id) without validating ownership of the target video. An authenticated user with canUseAI can reference AI ...
Authorization Bypass Through User-Controlled Key
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the save.json.php process. An attacker can access and exfiltrate confidential AI-generated metadata and...
PT-2026-28534
Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description The AVideo platform’s AI plugin contains a flaw in the save.json.php endpoint. This endpoint loads AI response objects using the $ REQUEST'id' parameter, which is controlled by the attacker,...