CVE-2023-46595

CVSS V2 None CVSS V3 None
Description
Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor allows an attacker to obtain victim’s domain credentials and Net-NTLM hash which can lead to relay domain attacks. Fixed in A32.20 (b570 or above), A32.50 (b390 or above)
Overview
  • CVE ID
  • CVE-2023-46595
  • Assigner
  • AlgoSec
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-11-02T07:47:50.794Z
  • Last Modified Date
  • 2024-02-15T06:00:34.579Z
References
Reference URL Reference Tags
https://cwe.mitre.org/data/definitions/79.html
History
Created Old Value New Value Data Type Notes
2024-06-24 22:41:48 Added to TrackCVE