VYPR

Fireflow

by Manageengine

CVEs (2)

  • CVE-2022-36783Oct 25, 2022
    risk 0.00cvss epss 0.00

    AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS) A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user (victim).…

  • CVE-2014-4164Jun 16, 2014
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html.