
GHSA-wq95-wr7m-26h4: Duplicate Advisory: Flowise Stored XSS vulnerability through logs in chatbot

CVSS Score
8.2 (CVSS v3.1)

Basic Information

CVE ID: -
EPSS Score: -
Published: 10/6/2025
Updated: 10/8/2025
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

Package Name: flowise
Ecosystem: npm
Vulnerable Versions: < 3.0.5
First Patched Version: 3.0.5

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability is a classic stored Cross-Site Scripting (XSS) issue in the Flowise web UI. The root cause is insecure handling of untrusted data in the React components that render chat messages, logs, and execution details. Patch commit c6c135535caad37a81acdd484e9390e152d4d74c shows that four components (ViewMessagesDialog, NodeExecutionDetails, ChatMessage, and JSONViewer) passed that data to dangerouslySetInnerHTML. Unlike ordinary text children, which React entity-escapes, this prop hands the string to the DOM as raw markup, so any HTML or script in it is parsed and executed unless it was sanitized first.

An attacker sends a chat message containing a payload such as <img src=x onerror=alert(document.cookie)>. The message is persisted with the rest of the conversation. When an administrator or another user later opens the chat history, message logs, or node execution details, the vulnerable component injects the stored string as markup and the script runs in the victim's browser under the Flowise UI's origin. The CVSS vector reflects this path: PR:N (the sender needs no privileges), UI:R (a victim must view the stored content), S:C (the code runs in the viewer's browser, outside the attacker's own security context) and C:H for the session token and data the script can read. The outcome is session hijacking, data theft, or further actions performed as the victim.

The patch introduces a SafeHTML component that runs the content through the dompurify library before rendering and replaces every direct dangerouslySetInnerHTML usage in the affected components with it. DOMPurify parses the string as HTML and removes scripts, event-handler attributes such as onerror, javascript: URLs and other active content while keeping benign markup, so the components still render formatted output but cannot execute attacker-controlled code. The fix only holds while every rendering path goes through SafeHTML: a raw dangerouslySetInnerHTML added later reopens the issue, so the change is worth backing with a lint rule. Operators should upgrade to flowise 3.0.5 or later.

Vulnerable functions

ViewMessagesDialog
packages/ui/src/ui-component/dialog/ViewMessagesDialog.jsx
The `ViewMessagesDialog` component rendered `item.data` straight into the DOM with `dangerouslySetInnerHTML` and no prior sanitization. HTML and script tags injected into the chat logs therefore executed in the browser of an administrator viewing the messages.
NodeExecutionDetails
packages/ui/src/views/agentexecutions/NodeExecutionDetails.jsx
The `NodeExecutionDetails` component rendered `artifact.data` with `dangerouslySetInnerHTML`. Because artifact data can contain unsanitized HTML, an attacker could execute arbitrary script when a user viewed a node's execution details.
ChatMessage
packages/ui/src/views/chatmessage/ChatMessage.jsx
The `ChatMessage` component rendered `item.data` with `dangerouslySetInnerHTML`. Any script embedded in a stored message executed when that message was displayed to a user.
JSONViewer
packages/ui/src/ui-component/json/JsonViewer.jsx
The `JSONViewer` component built an HTML string with a custom `syntaxHighlight` function and rendered it through `dangerouslySetInnerHTML`. The highlighting function's escaping was insufficient, so JSON data containing HTML could trigger XSS. The patch replaced the HTML-string approach with code that constructs React elements directly, so token text is rendered as text nodes rather than parsed as markup.

Advisory Notice (from the GitHub advisory)

Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-*r**-vmj*-w***. This link is maintained to preserve external references.

Original Description
Flowise before 3.0.5 allows XSS via a FORM element and an INP
