Flowise · Flowise · CVE-2025-50538
**Name of the Vulnerable Software and Affected Versions**
Flowise versions prior to 3.0.5
**Description**
The software contains a cross-site scripting issue that can be triggered when an administrator views the chat log through an IFRAME element. This could potentially lead to session hijacking and data theft.
**Recommendations**
Update to version 3.0.5 or later.