AlgoSec FireFlow A32.60
Approved changes feed: RSS · Atom
cpe:2.3:a:algosec:fireflow:a32.60:*:*:*:*:*:*:*
part: a version: a32.60 update: *
| Vendor | Algosec (8f27cfea-3e75-5d7f-b11d-487996827e94) |
|---|---|
| Product | Fireflow (89aa62ce-da78-5d65-acf0-716481f0cd7d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-46596 |
vulnerable | 2026-06-08 06:12:45.361676 |
Improper input validation in FireFlow’s VisualFlow workflow editor
MEDIUM (5.1)
Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version A32.20 (b600 and above), A32.50 (b430 and above), A32.60 (b250 and above)
Published: 2024-02-15T06:07:19.393Z
Updated: 2024-08-02T20:45:42.302Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-46595 |
vulnerable | 2026-06-08 06:12:45.361100 |
Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor
MEDIUM (5.9)
Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor allows an attacker to obtain victim’s domain credentials and Net-NTLM hash which can lead to relay domain attacks. Fixed in A32.20 (b570 or above), A32.50 (b390 or above)
Published: 2023-11-02T07:47:50.794Z
Updated: 2025-11-12T08:38:33.676Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.