GHSA-3g4j-r53p-22wx

Опубликовано: 17 окт. 2025

Источник: github

Github: Прошло ревью

CVSS3: 9.1

Описание

Duplicate Advisory: FlowiseAI Pre-Auth Arbitrary Code Execution

This advisory has been withdrawn because it is a duplicate of GHSA-7944-7c6r-55vv. This link is maintained to preserve external references.

Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.

Наименование

flowise

npm

Затронутые версииВерсия исправления

= 3.0.5

3.0.6

9.1 Critical

CVSS3

CWE-94

9.1 Critical

CVSS3

CWE-94