Vulnerabilities > Algosec

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-15	CVE-2023-46596	Cross-site Scripting vulnerability in Algosec Fireflow A32.20/A32.50/A32.60 Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. network low complexity algosec CWE-79	6.1
2023-11-02	CVE-2023-46595	Cross-site Scripting vulnerability in Algosec Fireflow A32.20/A32.50/A32.60 Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor allows an attacker to obtain victim’s domain credentials and Net-NTLM hash which can lead to relay domain attacks. network low complexity algosec CWE-79	5.4
2022-10-25	CVE-2022-36783	Cross-site Scripting vulnerability in Algosec Fireflow A32.20 AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS) A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. network low complexity algosec CWE-79	5.4

Vulnerabilities > Algosec {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Algosec"}]}