CVE-2023-46595

Name of the Vulnerable Software and Affected Versions FireFlow versions prior to A32.20 (b570) FireFlow versions prior to A32.50 (b390) FireFlow versions prior to A32.60 (b220)

Description The issue allows an attacker to obtain a victim's domain credentials and Net-NTLM hash via HTML injection in the VisualFlow workflow editor, potentially leading to relay domain attacks. This is achieved through stored HTML injection using the Name and Description fields, and also impacts outbound actions using the Name and Category parameters.

Recommendations For versions prior to A32.20 (b570), update to A32.20 (b570 or above) to resolve the issue. For versions prior to A32.50 (b390), update to A32.50 (b390 or above) to resolve the issue. For versions prior to A32.60 (b220), update to A32.60 (b220 or above) to resolve the issue. As a temporary workaround, consider restricting the use of the Name and Description fields in the VisualFlow workflow editor, as well as limiting outbound actions using the Name and Category parameters, until a patch is applied.