Home

Description

Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload (e.g., <iframe src="javascript:alert(document.cookie)">) in a chat box, or by having a custom agent function return an XSS payload from an external website. The injected script executes in the victim's browser, enabling theft of cookies and session data.

PUBLISHED Reserved 2026-06-19 | Published 2026-06-20 | Updated 2026-06-22 | Assigner VulnCheck




MEDIUM: 5.1CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
MEDIUM: 6.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Problem types

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Product status

Default status
unaffected

Any version before 3.0.8
affected

3.0.8 (semver)
unaffected

Credits

quitbug reporter

References

github.com/...lowise/security/advisories/GHSA-4fr9-3x69-36wv exploit

github.com/...lowise/security/advisories/GHSA-4fr9-3x69-36wv (GHSA Advisory GHSA-4fr9-3x69-36wv) vendor-advisory

www.vulncheck.com/...ng-in-chat-messages-and-agent-workflows (VulnCheck Advisory: Flowise - Cross-Site Scripting in Chat Messages and Agent Workflows) third-party-advisory

cve.org (CVE-2025-71331)

nvd.nist.gov (CVE-2025-71331)

Download JSON