Versions (3)
Version DetailsCurrent
Rev: 3 • Dec 1, 2025, 12:00 PMET INFO Flowise Reset Password with tempToken
alert http any any -> $HOME_NET any (msg:"ET INFO Flowise Reset Password with tempToken"; flow:established,to_server; http.uri; content:"/api/v1/account/reset-password"; fast_pattern; http.request_body; content:"|22|password|22 3a|"; content:"|22|tempToken|22 3a|"; http.method; content:"POST"; reference:url,github.com/advisories/GHSA-wgpv-6j63-x5ph; classtype:misc-activity; sid:2065966; rev:3; metadata:affected_product Flowise, attack_target Server, tls_state TLSDecrypt, created_at 2025_12_01, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence High, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2026_01_20;)
Dec 1, 2025, 12:00 PM
Jan 20, 2026, 12:00 PM
Dec 1, 2025, 11:34 PM
Jan 20, 2026, 9:34 PM
rules/emerging-info.rules