CVE-2026-2098

Publication date

2026-02-10 07:06:27

Family

twcert

State

PUBLISHED

Description

AgentFlow developed by Flowring has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in users browser through phishing attacks.