Vulnerabilities > Flowiseai

DATE CVE VULNERABILITY TITLE RISK
2024-09-25 CVE-2024-9148 Cross-site Scripting vulnerability in Flowiseai Embed and Flowise
Flowise < 2.1.1 suffers from a Stored Cross-Site vulnerability due to a lack of input sanitization in Flowise Chat Embed < 2.0.0.
network
low complexity
flowiseai CWE-79
6.1
6.1
2024-08-27 CVE-2024-8181 Improper Authentication vulnerability in Flowiseai Flowise 1.8.2
An Authentication Bypass vulnerability exists in Flowise version 1.8.2.
network
low complexity
flowiseai CWE-287
8.1
8.1
2024-08-27 CVE-2024-8182 Unspecified vulnerability in Flowiseai Flowise 1.8.2
An Unauthenticated Denial of Service (DoS) vulnerability exists in Flowise version 1.8.2 leading to a complete crash of the instance running a vulnerable version due to improper handling of user supplied input to the “/api/v1/get-upload-file” api endpoint.
network
low complexity
flowiseai
7.5
7.5
2024-07-01 CVE-2024-36423 Cross-site Scripting vulnerability in Flowiseai Flowise
Flowise is a drag & drop user interface to build a customized large language model flow.
network
low complexity
flowiseai CWE-79
6.1
6.1
2024-07-01 CVE-2024-37145 Cross-site Scripting vulnerability in Flowiseai Flowise
Flowise is a drag & drop user interface to build a customized large language model flow.
network
low complexity
flowiseai CWE-79
6.1
6.1
2024-07-01 CVE-2024-37146 Cross-site Scripting vulnerability in Flowiseai Flowise
Flowise is a drag & drop user interface to build a customized large language model flow.
network
low complexity
flowiseai CWE-79
6.1
6.1
2024-07-01 CVE-2024-36420 Injection vulnerability in Flowiseai Flowise 1.4.3
Flowise is a drag & drop user interface to build a customized large language model flow.
network
low complexity
flowiseai CWE-74
7.5
7.5
2024-07-01 CVE-2024-36421 Origin Validation Error vulnerability in Flowiseai Flowise 1.4.3
Flowise is a drag & drop user interface to build a customized large language model flow.
network
low complexity
flowiseai CWE-346
7.5
7.5
2024-07-01 CVE-2024-36422 Cross-site Scripting vulnerability in Flowiseai Flowise 1.4.3
Flowise is a drag & drop user interface to build a customized large language model flow.
network
low complexity
flowiseai CWE-79
6.1
6.1