7.7 High
AI Score
Confidence
Low
flowise is vulnerable to Code Injection. The vulnerability is due to improper input validation in the api/v1 endpoint, allowing a remote attacker to execute arbitrary code via a crafted script.
github.com/FlowiseAI/Flowise/blob/flowise-ui%401.6.5/packages/server/src/index.ts#L143
github.com/FlowiseAI/Flowise/commit/e32b64344544312bf38b3e1fefe7b26c1776a426
www.exploit-db.com/exploits/52001