3 matches found
n8n has XSS in its Credential Management Flow
Impact An authenticated user with permission to create and share credentials could craft a malicious OAuth2 credential containing a JavaScript URL in the Authorization URL field. If a victim opened the credential and interacted with the OAuth authorization button, the injected script would execut...
PT-2024-18227 · WordPress · The Otter Blocks – Gutenberg Blocks
Name of the Vulnerable Software and Affected Versions: The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE PRO plugin for WordPress versions up to, and including, 2.6.3 Description: The issue is related to Stored Cross-Site Scripting via a file upload form that allows SVG...
PT-2022-19459 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description: Multiple TensorFlow operations misbehave in eager mode when the resource handle provided ...