CVE ID :CVE-2025-71331
Published : June 20, 2026, 3:24 p.m. | 4 hours, 11 minutes ago
Description :Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload (e.g., Advertise here
Published : June 20, 2026, 3:24 p.m. | 4 hours, 11 minutes ago
Description :Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload (e.g., Advertise here
