Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor allows an malicious user to obtain victim’s domain credentials and Net-NTLM hash which can lead to relay domain attacks. Fixed in A32.20 (b570 or above), A32.50 (b390 or above)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
algosec fireflow a32.20 |
||
algosec fireflow a32.50 |
||
algosec fireflow a32.60 |