Tags: vulnerability, high, Authentication Token Theft, Stored Cross-Site Scripting

Mar 27, 2026 • Joshua Martinelle

Langflow - Stored XSS via Malicious SVG Upload


Source: Tenable Research Advisories
Category: vulnerability
Severity: high

Executive Summary

A critical stored cross-site scripting (XSS) vulnerability has been identified in Langflow, specifically within the image file serving endpoint. This security flaw allows unauthenticated or authenticated attackers to upload malicious SVG files containing embedded JavaScript. When other users view these files, the script executes within their browser context. The primary impact involves the theft of authentication tokens, including JWT access and refresh tokens stored in cookies, potentially leading to full account compromise. This vulnerability highlights the risk of insufficient input sanitization in web applications handling user-uploaded content. Organizations utilizing Langflow should immediately apply vendor patches or implement strict content sanitization policies for SVG uploads. Mitigation strategies include disabling SVG uploads or enforcing Content Security Policy (CSP) headers to prevent script execution. Immediate action is required to prevent credential harvesting and unauthorized access to user sessions within affected environments.

Summary

The '/api/v1/files/images/{flow_id}/{file_name}' endpoint serves SVG files with the 'image/svg+xml' content type without sanitizing their content. Since SVG files can contain embedded JavaScript, an attacker can upload a malicious SVG that executes arbitrary JavaScript when viewed by other users, leading to stored cross-site scripting (XSS). This allows stealing authentication tokens stored in cookies, including JWT access and refresh tokens.
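As an added example (not Langflow's code and not from the Tenable advisory), the following Python sketch shows the two defensive controls the summary points at: screening an uploaded SVG for script-bearing elements and attributes before storing it, and choosing response headers so that an SVG opened directly from the file endpoint cannot run script. The function names, header policy and sample SVGs are constructed for illustration.

```python
"""Added example, not Langflow code: screen uploaded SVGs for active content and
pick serving headers that keep a stored SVG from executing script in the viewer's origin."""
from __future__ import annotations
import re
import xml.etree.ElementTree as ET

MAX_SVG_BYTES = 512 * 1024       # coarse guard against entity-expansion blowups before parsing
ACTIVE_TAGS = {"script", "foreignobject", "iframe", "embed", "object"}

# Constructed samples: one carries an inline <script> and an onload handler, one is plain shapes.
SAMPLE_ACTIVE = (b'<svg xmlns="http://www.w3.org/2000/svg" onload="void 0">'
                 b'<script>/* constructed sample: would run in the viewer\'s session */</script>'
                 b'<rect width="8" height="8"/></svg>')
SAMPLE_CLEAN = (b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10">'
                b'<circle cx="5" cy="5" r="4"/></svg>')


def svg_active_content(data: bytes) -> list[str]:
    """Return the reasons an SVG could execute script if opened as a document (empty = none found)."""
    if len(data) > MAX_SVG_BYTES:
        return ["oversized SVG"]
    try:
        root = ET.fromstring(data)          # the default parser drops comments and PIs
    except ET.ParseError as exc:
        return [f"unparseable XML: {exc}"]
    findings: list[str] = []
    for el in root.iter():
        tag = el.tag.rsplit("}", 1)[-1].lower()        # strip the namespace prefix
        if tag in ACTIVE_TAGS:
            findings.append(f"<{tag}> element")
        for attr, value in el.attrib.items():
            name = attr.rsplit("}", 1)[-1].lower()
            if name.startswith("on"):                   # onload, onclick, ... run on render
                findings.append(f"{name} event handler on <{tag}>")
            elif name == "href" and re.match(r"\s*javascript:", value, re.I):
                findings.append(f"javascript: href on <{tag}>")
    return findings


def screen_upload(file_name: str, data: bytes) -> tuple[str, list[str] | dict[str, str]]:
    """Reject SVGs with active content; otherwise return headers for serving the file."""
    is_svg = file_name.lower().endswith(".svg") or data.lstrip().startswith(b"<svg")
    if not is_svg:
        return "accept", {"X-Content-Type-Options": "nosniff"}
    reasons = svg_active_content(data)
    if reasons:
        return "reject", reasons
    safe_name = re.sub(r"[^A-Za-z0-9._-]", "_", file_name)   # keep the header free of injected text
    return "accept", {
        "Content-Type": "image/svg+xml",
        "X-Content-Type-Options": "nosniff",
        # Enforced when the URL is opened as a document: blocks any script that slipped past screening.
        "Content-Security-Policy": "default-src 'none'; style-src 'unsafe-inline'",
        # Browsers honour this only on navigation, so <img> references still render but a direct visit downloads.
        "Content-Disposition": f'attachment; filename="{safe_name}"',
    }
```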
