CVE-2025-50538 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Flowise before 3.0.5 allows XSS via an IFRAME element when an admin views the chat log.
High CVSS: 8.2

CVE-2025-50538

Flowise before 3.0.5 allows XSS via an IFRAME element when an admin views the chat log.
Vendor
Flowiseai
Product
Flowise
CWE
CWE-79
Yayın Tarihi
2025-10-06 02:15:40
Güncelleme
2025-10-07 17:03:12
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-79 Flowise HIGH Flowiseai 2025

Referanslar

https://github.com/FlowiseAI/Flowise/pull/4905 https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.5 https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-964p-j4gg-mhwc https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-964p-j4gg-mhwc