VYPR
Unrated severityNVD Advisory· Published Oct 25, 2022· Updated May 7, 2025

AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS)

CVE-2022-36783

Description

AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS) A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user (victim). JavaScript code is executed on the browser of the other user.

Affected products

4
  • Manageengine/Fireflowllm-fuzzy4 versions
    (expand)+ 3 more
    • (no CPE)
    • (no CPE)range: A32.0.580-277
    • (no CPE)range: A32.10.410-212
    • (no CPE)range: A32.20.230-35

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.