CVE-2025-58177 n8n stored cross-site scripting in LangChain Chat Trigger node initialMessages parameter

n8n is an open source workflow automation platform. From 1.24.0 to before 1.107.0, there is a stored cross-site scripting XSS vulnerability in @n8n/n8n-nodes-langchain.chatTrigger. An authorized user can configure the LangChain Chat Trigger node with malicious JavaScript in the initialMessages...

CVE-2025-58177 n8n stored cross-site scripting in LangChain Chat Trigger node initialMessages parameter

n8n is an open source workflow automation platform. From 1.24.0 to before 1.107.0, there is a stored cross-site scripting XSS vulnerability in @n8n/n8n-nodes-langchain.chatTrigger. An authorized user can configure the LangChain Chat Trigger node with malicious JavaScript in the initialMessages...

3xLogic Infinias eIDC32 Authorization Issues Vulnerability

The 3xLogic Infinias eIDC32 is an access control controller from 3xLogic USA. A security vulnerability exists in the 3xLOGIC Infinias eIDC32 Web version 1.107 using firmware version 32 2.213, which originates from the program's authentication via client-side parsing of the ＜KEY＞MYKEY＜/KEY＞ string...

CVE-2020-11542

3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the MYKEY substring...