Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload (e.g., `<iframe src="javascript:alert(document.cookie)">`) in a chat box, or by having a custom agent function return an XSS payload from an external website. The injected script executes in the victim's browser, enabling theft of cookies and session data.
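The description names the mechanism: chat text and custom-function output reach the victim's page as live HTML. As an added example, not code from Flowise or its advisory, the following shows the two defensive pieces a practitioner would want here: output encoding so a chat bubble renders the iframe payload as inert text, and a server-side heuristic that flags such content for logging. Function names and the sample messages are the example's own.

```javascript
// Added example (not Flowise's own code): render chat and custom-function
// output as text, and flag content that looks like markup injection.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Output encoding: every character that can open a tag or attribute is
// escaped, so markup inside the message is displayed, never interpreted.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Builds the HTML for one chat bubble. Both fields are untrusted: the
// assistant's content may have come from a custom agent function that
// fetched an external site.
function renderChatMessage({ role, content }) {
  return `<div class="msg msg-${escapeHtml(role)}"><p>${escapeHtml(content)}</p></div>`;
}

// Logging heuristic (constructed patterns, not a sanitizer): active-content
// tags, inline event handlers, and script-bearing URL schemes. Whitespace
// and control characters are stripped before the scheme check so that
// "java\tscript:" is caught as well.
const ACTIVE_TAG = /<\s*(iframe|script|object|embed|svg|math|style|base|form|link|meta)\b/i;
const EVENT_HANDLER = /\son[a-z]+\s*=/i;
const SCRIPT_URL = /(javascript|vbscript):/i;

function flagSuspiciousContent(text) {
  const compact = String(text).replace(/[\s\u0000-\u001f]+/g, '');
  const reasons = [];
  if (ACTIVE_TAG.test(text)) reasons.push('active-content tag');
  if (EVENT_HANDLER.test(text)) reasons.push('inline event handler');
  if (SCRIPT_URL.test(compact)) reasons.push('script-bearing URL scheme');
  return reasons;
}

// Constructed sample: the payload from the advisory description and a benign message.
const SAMPLE_PAYLOAD = '<iframe src="javascript:alert(document.cookie)">';
const SAMPLE_BENIGN = 'Hello, how do I connect a vector store?';
```

The heuristic is for detection and alerting only; the rendering path must rely on escaping (or a maintained allowlist sanitizer if limited HTML is required), since pattern lists can be bypassed.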
References
| Link | Resource |
|---|---|
| https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4fr9-3x69-36wv | Exploit, Vendor Advisory |
| https://www.vulncheck.com/advisories/flowise-cross-site-scripting-in-chat-messages-and-agent-workflows | Third Party Advisory |
History
23 Jun 2026, 17:53
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4fr9-3x69-36wv - Exploit, Vendor Advisory | |
| References | () https://www.vulncheck.com/advisories/flowise-cross-site-scripting-in-chat-messages-and-agent-workflows - Third Party Advisory | |
| CPE | cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:* | |
| First Time | Flowiseai flowise, Flowiseai | |
22 Jun 2026, 16:16
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4fr9-3x69-36wv - | |
20 Jun 2026, 16:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE | | |
Information
Published : 2026-06-20 16:17
Updated : 2026-06-23 17:53
NVD link : CVE-2025-71331
Mitre link : CVE-2025-71331
CVE.ORG link : CVE-2025-71331
Products Affected
flowiseai
- flowise
CWE
CWE-80
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
