
GHSA-7rgr-72hp-9wp3: Duplicate Advisory: Flowise is vulnerable to stored XSS via "View Messages" allows credential theft in FlowiseAI admin panel

CVSS Score: 8.2 (CVSS v3.1)

Basic Information

CVE ID: -
EPSS Score: -
Published: 10/6/2025
Updated: 10/8/2025
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version
flowise | npm | < 3.0.5 | 3.0.5

Vulnerability Intelligence
Miggo AI

Miggo AI Root Cause Analysis

The vulnerability is a classic stored Cross-Site Scripting (XSS) issue within the Flowise admin panel. The root cause is the use of React's dangerouslySetInnerHTML prop to render HTML content from user-provided data without sanitization. Because the payload is stored alongside the message, it executes in the browser of any user who later opens the affected view, which is what the UI:R and S:C components of the CVSS vector reflect. The same pattern was identified in multiple UI components:

  1. ViewMessagesDialog: This is the primary component mentioned in the advisory's title ("View Messages"). It rendered chat messages of type 'html' directly into the DOM.
  2. ChatMessage: A similar component for displaying individual chat messages, also using dangerouslySetInnerHTML.
  3. NodeExecutionDetails: This component, used for displaying details of an agent's execution, also rendered artifact data directly as HTML.
  4. JSONViewer: This component used dangerouslySetInnerHTML to render syntax-highlighted JSON, which could be manipulated to include malicious HTML.

The patch addresses this by introducing a SafeHTML component that runs the content through the DOMPurify library before rendering it; under DOMPurify's default allow-list this removes elements such as <script> and <iframe> and strips on* event-handler attributes. Replacing every instance of dangerouslySetInnerHTML with this component mitigates the XSS across the application. Two points a reviewer should check when auditing the fix: the sanitizer has to sit at the sink itself, not at a call site that a new code path can bypass, and any later widening of the allow-list (for example via DOMPurify's ADD_TAGS or ADD_ATTR options) reopens the hole the patch closed.
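The check below is an added example and not Flowise's own code: a textual audit over React source that lists every dangerouslySetInnerHTML sink whose __html expression is not visibly wrapped in DOMPurify.sanitize(). The two source samples are constructed to mirror the shape the advisory describes (item.data rendered raw in ViewMessagesDialog, and the same data routed through a SafeHTML wrapper); the function names and the file map are assumptions for illustration.

```javascript
// Added example, not Flowise's own code: a textual audit that lists every
// React `dangerouslySetInnerHTML` sink whose `__html` expression is not
// visibly wrapped in DOMPurify.sanitize(). It runs on source text, so it
// needs no React or DOMPurify at runtime.

// Captures the expression in `dangerouslySetInnerHTML={{ __html: <expr> }}`.
// The capture stops at the first `}`; that prefix is enough to tell whether
// the expression begins with a sanitizer call.
const SINK_RE = /dangerouslySetInnerHTML\s*=\s*\{\s*\{\s*__html\s*:\s*([^}]*)\}/g;

// Only a call that is visible at the sink counts as sanitized. A bare variable
// (`__html: cleaned`) is reported too, because a regex cannot prove where
// `cleaned` came from; a reviewer triages those by hand.
function isVisiblySanitized(expr) {
  return expr.trim().startsWith('DOMPurify.sanitize(');
}

// Returns one finding per unsanitized sink: { line, expr }.
function findUnsanitizedInnerHtml(source) {
  const findings = [];
  for (const m of source.matchAll(SINK_RE)) {
    const expr = m[1].trim();
    if (isVisiblySanitized(expr)) continue;
    const line = source.slice(0, m.index).split('\n').length;
    findings.push({ line, expr });
  }
  return findings;
}

// Audit a map of { path: sourceText } and tag each finding with its path.
function auditSources(files) {
  const out = [];
  for (const [path, src] of Object.entries(files)) {
    for (const f of findUnsanitizedInnerHtml(src)) out.push({ path, ...f });
  }
  return out;
}

// Constructed sample in the shape the advisory describes for ViewMessagesDialog:
// a message of type 'html' whose `item.data` goes straight into the DOM.
const VULNERABLE_SRC = `
const ViewMessagesDialog = ({ messages }) => (
  <div>
    {messages.map((item) =>
      item.type === 'html'
        ? <div dangerouslySetInnerHTML={{ __html: item.data }} />
        : <span>{item.data}</span>
    )}
  </div>
);
`;

// Constructed sample in the shape of a SafeHTML wrapper: the only remaining
// sink lives inside the wrapper, and it sanitizes before rendering.
const SAFE_SRC = `
import DOMPurify from 'dompurify';
const SafeHTML = ({ html }) => (
  <div dangerouslySetInnerHTML={{ __html: DOMPurify.sanitize(html) }} />
);
const ViewMessagesDialog = ({ messages }) => (
  <div>{messages.map((item) => <SafeHTML html={item.data} />)}</div>
);
`;

const findings = auditSources({
  'ViewMessagesDialog.jsx': VULNERABLE_SRC,
  'SafeHTML.jsx': SAFE_SRC,
});
for (const f of findings) {
  console.log(`${f.path}:${f.line}: unsanitized __html: ${f.expr}`);
}
```

In a real tree you would feed auditSources the contents of every .jsx/.tsx file under packages/ui/src; any finding that is not a DOMPurify.sanitize() call at the sink needs a manual look, including sinks that render a variable that was sanitized elsewhere.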

Vulnerable functions

ViewMessagesDialog
packages/ui/src/ui-component/dialog/ViewMessagesDialog.jsx
The `ViewMessagesDialog` component directly rendered HTML content from `item.data` using `dangerouslySetInnerHTML`. This allows an attacker to inject malicious scripts that will be executed when a user views the message, leading to a stored Cross-Site Scripting (XSS) vulnerability.
NodeExecutionDetails
packages/ui/src/views/agentexecutions/NodeExecutionDetails.jsx
The `NodeExecutionDetails` component rendered HTML from `artifact.data` using `dangerouslySetInnerHTML` without sanitization. This could allow an attacker to execute arbitrary scripts in the context of the user's browser.
ChatMessage
packages/ui/src/views/chatmessage/ChatMessage.jsx
The `ChatMessage` component was vulnerable to XSS because it used `dangerouslySetInnerHTML` to render HTML content from `item.data`. This allows for the injection and execution of malicious scripts.
JSONViewer
packages/ui/src/ui-component/json/JsonViewer.jsx
The `JSONViewer` component used `dangerouslySetInnerHTML` in conjunction with a `syntaxHighlight` function to display formatted JSON. Although the `syntaxHighlight` function performed some escaping, it was insufficient to prevent all XSS attack vectors. The patch replaced this with a safer method of building React elements.
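The block below is an added example, not Flowise's code, and its tokenizer is an assumption that does not reproduce the project's syntaxHighlight function. It shows the structural difference behind the JSONViewer fix described above: a highlighter that concatenates an HTML string for dangerouslySetInnerHTML is only safe if every token was escaped first, whereas a highlighter that returns an element tree carries each token's text as a child node, which React emits as text and never parses as markup. The sample JSON is constructed; the descriptor shape mirrors what React.createElement('span', { className }, text) produces.

```javascript
// Added example, not Flowise's own code: a JSON syntax highlighter rendered
// two ways. The tokenizer is an assumption and does not reproduce the
// project's `syntaxHighlight`; it exists so both renderers share input.

// One alternative per token class of pretty-printed JSON. A string followed
// by ':' is an object key. Whatever the regex skips is punctuation/whitespace.
const TOKEN_RE =
  /("(?:\\.|[^"\\])*"(?:\s*:)?)|(-?\d+(?:\.\d+)?(?:[eE][+-]?\d+)?)|\b(true|false|null)\b/g;

function tokenizeJson(text) {
  const tokens = [];
  let last = 0;
  for (const m of text.matchAll(TOKEN_RE)) {
    if (m.index > last) tokens.push({ kind: 'punct', text: text.slice(last, m.index) });
    let kind;
    if (m[1] !== undefined) kind = m[1].endsWith(':') ? 'key' : 'string';
    else if (m[2] !== undefined) kind = 'number';
    else kind = m[3] === 'null' ? 'null' : 'boolean';
    tokens.push({ kind, text: m[0] });
    last = m.index + m[0].length;
  }
  if (last < text.length) tokens.push({ kind: 'punct', text: text.slice(last) });
  return tokens;
}

const ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => ESCAPES[c]);

// String-building renderer, the pattern that feeds dangerouslySetInnerHTML.
// Every token must pass through escapeHtml before concatenation; `escape: false`
// models what the sink receives when that step is missing for the token text.
function highlightToHtml(tokens, { escape = true } = {}) {
  return tokens
    .map((t) => {
      const body = escape ? escapeHtml(t.text) : t.text;
      return t.kind === 'punct' ? body : `<span class="${t.kind}">${body}</span>`;
    })
    .join('');
}

// Element-tree renderer. Each descriptor has the shape React.createElement
// produces for React.createElement('span', { className }, text): the token
// text is a child, not markup, so there is no HTML parsing step to exploit.
function highlightToElements(tokens) {
  return tokens.map((t, i) =>
    t.kind === 'punct'
      ? t.text
      : { type: 'span', key: String(i), props: { className: t.kind, children: t.text } }
  );
}

// Flatten the element tree back to text, which is what the DOM would display.
function elementsToText(elements) {
  return elements.map((e) => (typeof e === 'string' ? e : e.props.children)).join('');
}

// Constructed sample: a stored chat message whose `data` holds markup with
// an event handler, as an attacker-controlled 'html' message would.
const SAMPLE = JSON.stringify(
  { type: 'html', data: '<img src=x onerror="alert(1)">', count: 2, ok: true, n: null },
  null,
  2
);

const tokens = tokenizeJson(SAMPLE);
console.log(highlightToHtml(tokens));                    // markup escaped: &lt;img ...
console.log(highlightToHtml(tokens, { escape: false })); // raw <img ...> reaches the sink
console.log(elementsToText(highlightToElements(tokens)) === SAMPLE); // true
```

The string renderer has one invariant to get right per token kind and silently fails open when any path skips it; the element renderer has no such invariant because the payload never becomes HTML. That is the property the JSONViewer patch buys by building React elements instead of a string.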

WAF Protection Rules

WAF Rule

### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-***p-j***-m*w*. This link is maintained to preserve external references.
### Original Description
Flowise before 3.0.5 allows XSS via an IFRAME element when an

Reasoning

The vulnerability is a classic stored Cross-Site Scripting (XSS) issue within the Flowise admin panel. The root cause is the use of React's `dangerouslySetInnerHTML` property to render HTML content from user-provided data without proper sanitization.