CVE-2025-50538 🟠 High

CVE-2025-50538: XSS vulnerability in Flowise

Flowise before 3.0.5 has an XSS vulnerability that can be exploited via an IFRAME element when an admin views the chat log.

CVE ID

CVE-2025-50538

CVSS Score

8.2

Vendor

unknown

Published

Oct 06

Flowise before 3.0.5 allows XSS via an IFRAME element when an admin views the chat log. For more information, visit: [NIST NVD](https://nvd.nist.gov/vuln/detail/CVE-2025-50538) and [MITRE CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50538).

Vulnerability Details

CVE ID: CVE-2025-50538
Severity: High
CVSS v3 Score: 8.2 / 10.0
Affected Vendor: unknown
Publication Date: October 06, 2025

External Resources

NIST NVD Database
MITRE CVE

Need Help?

Protect your infrastructure with our comprehensive security scanning tools.

Explore Security Scanners

Back to CVE Database