VYPR
Critical severityNVD Advisory· Published Oct 6, 2025· Updated Oct 6, 2025

CVE-2025-50538

CVE-2025-50538

Description

Flowise before 3.0.5 allows XSS via an IFRAME element when an admin views the chat log.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
flowisenpm
< 3.0.83.0.8

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.