Опубликовано: 27 авг. 2024
Источник: github
Github: Прошло ревью
CVSS4: 8.6
CVSS3: 7.3
Описание
Flowise Authentication Bypass vulnerability
An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality.
Пакеты
Наименование
flowise
npm
Затронутые версииВерсия исправления
<= 1.8.2
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
больше 1 года назад
An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality.