Path Traversal

agentscope is vulnerable to Path Traversal. The vulnerability is due to improper validation of file paths in the save-workflow and load-workflow functionality, allowing an attacker to read and write arbitrary JSON files on the filesystem...

Relative Path Traversal

Overview agentscope is an AgentScope: A Flexible yet Robust Multi-Agent Platform. Affected versions of this package are vulnerable to Relative Path Traversal through the save-workflow functionality. An attacker can write arbitrary JSON files on the filesystem by exploiting this vulnerability. PoC...

AgentScope path traversal vulnerability in save-workflow

A path traversal vulnerability exists in the save-workflow and load-workflow functionality of modelscope/agentscope versions prior to the fix. This vulnerability allows an attacker to read and write arbitrary JSON files on the filesystem, potentially leading to the exposure or modification of...

GHSA-J9RW-QM5F-R8XM AgentScope path traversal vulnerability in save-workflow

A path traversal vulnerability exists in the save-workflow and load-workflow functionality of modelscope/agentscope versions prior to the fix. This vulnerability allows an attacker to read and write arbitrary JSON files on the filesystem, potentially leading to the exposure or modification of...

AgentScope 安全漏洞

AgentScope is a ModelScope open source application. Build LLM-based multi-intelligence applications more simply. AgentScope has a security vulnerability that stems from the existence of path traversal in the save-workflow and load-workflow functions, which allows an attacker to read and write...

Comala Workflows /plugins/approvalsworkflow/saveworkflowmarkup.action has multiple reflected cross-site scripting vulnerabilities

Comala Workflows is a WEB-based application. Comala Workflows /plugins/approvalsworkflow/saveworkflowmarkup.action script processing attachment-macro has a cross-site scripting vulnerability that can be exploited by a remote attacker to construct a malicious URI and trick the user into parsing it...

Comala Workflows /plugins/approvalsworkflow/saveworkflowmarkup.actio has multiple cross-site scripting vulnerabilities

Comala Workflows is a WEB-based application. The Comala Workflows /plugins/approvalsworkflow/saveworkflowmarkup.action script handles a cross-site scripting vulnerability in workflowMarkup that can be exploited by a remote attacker to construct a malicious URI, which induces the user to parse it,...

PT-2014-3366 · Vtiger · Vtiger Crm

Name of the Vulnerable Software and Affected Versions: vTiger CRM version 5.4.0 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the return url parameter to the "modulescom vtiger workflowsavetemplate.php"...