Stored Cross-Site Scripting in RAGFlow by Infiniflow
CVE-2026-58579

5.1MEDIUM

Key Information:

Vendor

Infiniflow

Status
Vendor
CVE Published:
2 July 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-58579?

RAGFlow versions prior to 0.26.3 are exposed to a stored cross-site scripting vulnerability due to insufficient sanitization of agent pipeline node names. The normalize_dsl function validates JSON serialization but does not sanitize the node name itself. This leads to scenarios where an authenticated user, capable of modifying or creating agents, can inject malicious JavaScript into the dataflow-result web UI. When another workspace member opens this UI, the injected script executes within their session, potentially leading to session hijacking and unauthorized account access.

Affected Version(s)

ragflow 0 < 0.26.3

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

References

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

George Chen
.