Algosec · Algosec Fireflow · CVE-2023-46596
**Name of the Vulnerable Software and Affected Versions**
Algosec FireFlow versions A32.20 through A32.60
**Description**
The vulnerability stems from improper validation of input to the `Name`, `Description`, and `Configuration File` fields of the VisualFlow workflow editor. An attacker can use these fields to inject malicious executable scripts into the application's code, resulting in a cross-site scripting (XSS) attack.
**Recommendations**
For version A32.20, update to b600 or above.
For version A32.50, update to b430 or above.
For version A32.60, update to b250 or above.