Site icon API Security Blog

Code Injection

flowise is vulnerable to Code Injection. The vulnerability is due to a lack of sanitization of the fileName body parameter in the /api/v1/openai-assistants-file endpoint in index.ts. An attacker can exploit this to read arbitrary files on the…Read More

Exit mobile version