CVE-2025-58177
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-15

Last updated on: 2025-10-14

Assigner: GitHub, Inc.

Description
n8n is an open source workflow automation platform. From 1.24.0 to before 1.107.0, there is a stored cross-site scripting (XSS) vulnerability in @n8n/n8n-nodes-langchain.chatTrigger. An authorized user can configure the LangChain Chat Trigger node with malicious JavaScript in the initialMessages field and enable public access so that the payload is executed in the browser of any user who visits the resulting public chat URL. This can be used for phishing or to steal cookies or other sensitive data from users accessing the public chat link. The issue is fixed in version 1.107.0. Updating to 1.107.0 or later is recommended. As a workaround, the affected chatTrigger node can be disabled. No other workarounds are known.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-15
Last Modified
2025-10-14
Generated
2026-06-16
AI Q&A
2025-09-15
EPSS Evaluated
2026-06-15
NVD
CVE-2025-58177
EUVD
EUVD-2025-29216
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
n8n n8n From 1.24.0 (inc) to 1.107.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-58177 is a stored Cross-Site Scripting (XSS) vulnerability in the @n8n/n8n-nodes-langchain.chatTrigger node of the n8n workflow automation platform, affecting versions from 1.24.0 up to but not including 1.107.0. An authorized user can insert malicious JavaScript code into the "initialMessages" field and enable public access, causing the malicious script to be stored and executed in the browsers of any users who visit the public chat URL. This allows attackers to perform phishing attacks or steal cookies and other sensitive data from users accessing the public chat link. The root cause is improper neutralization of user input before embedding it in web pages (CWE-79). The issue was fixed in version 1.107.0 by sanitizing inputs, validating parameters, and removing dangerous protocols. [1, 2, 3]

Impact Analysis

This vulnerability can impact you by allowing attackers to execute malicious JavaScript in the browsers of users who visit a public chat URL configured with the vulnerable node. This can lead to phishing attacks or theft of cookies and other sensitive information from those users. The attack requires an authorized user to configure the node with malicious input and enable public access, and victims must visit the malicious URL for the attack to succeed. The confidentiality impact is low, but it can compromise user data and trust. [1]

Detection Guidance

This vulnerability can be detected by identifying if your n8n instance is running a vulnerable version (from 1.24.0 up to but not including 1.107.0) and if the @n8n/n8n-nodes-langchain.chatTrigger node is enabled with public access. Detection involves checking for the presence of the chatTrigger node configured with potentially malicious JavaScript in the initialMessages field. Since the vulnerability requires an authorized user to input malicious code and enable public access, you can audit your workflows for the chatTrigger node settings. There are no specific commands provided in the resources, but you can check your n8n workflows configuration files or database entries for the chatTrigger node's initialMessages parameter and public access settings. Additionally, monitoring HTTP requests to public chat URLs for suspicious script execution or unusual payloads could help detect exploitation attempts. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading your n8n installation to version 1.107.0 or later, where the vulnerability is fully patched. If upgrading is not immediately possible, you should disable the affected @n8n/n8n-nodes-langchain.chatTrigger node to prevent exploitation. The patch includes comprehensive input sanitization, strict parameter validation, and removal of dangerous protocols to prevent XSS attacks. Therefore, applying the official update is the recommended and most effective mitigation. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-58177. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart