Key Information

Vulnerability Description
Type: Stored Cross-Site Scripting (XSS)
Location: The field within the dialog configuration feature, specifically in the "Opening greeting" section under "Assistant Setting".
Issue: The application fails to properly sanitize user input, so content stored in this field is executed as malicious HTML and JavaScript when it is rendered by a Markdown component that uses the rehype-raw plugin.

Source-Sink Analysis
1. Source: The function in accepts an unsanitized user-provided parameter.
2. Intermediate: in directly stores the unsanitized user input in the database.
3. Intermediate: in returns the unsanitized data in a JSON response.
4. Sink: The component in renders the unsanitized content using the rehype-raw plugin, enabling JavaScript execution.

Proof of Concept
1. Log in to the RAGFlow application.
2. Navigate to the chat section and click the "Create an Assistant" button.
3. In the "Opening greeting" field, input the following payload:
4. Start a new conversation and observe the JavaScript alert popup displaying "XSS Vulnerability in RAGFlow".

Impact
Attackers can:
- Execute arbitrary JavaScript in other users' browser contexts.
- Steal authentication tokens, session cookies, and other sensitive information.
- Perform unauthorized actions on behalf of victims.
- Access sensitive data, including knowledge base content.

Fix
GitHub Fix Link

Details
Repository: https://github.com/infiniflow/ragflow
Version: 0.17.2
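As an added illustration of the sanitization step that the sink above lacks (example code, not RAGFlow's own): a small allow-list sanitizer applied to the greeting text before it reaches the Markdown/rehype-raw renderer. The allowed tag set and the sanitizeGreeting name are assumptions for this example; in an actual rehype pipeline the equivalent is the rehype-sanitize plugin run after rehype-raw.

```javascript
// Allow-list HTML sanitizer for the "Opening greeting" field (illustrative, not RAGFlow code).
// Everything not explicitly allowed is dropped or escaped, so raw HTML passed through
// rehype-raw cannot carry script tags, event-handler attributes or javascript: URLs.

const ALLOWED_TAGS = new Set(['b', 'i', 'em', 'strong', 'p', 'br', 'a', 'ul', 'ol', 'li', 'code']);
const ALLOWED_ATTRS = { a: new Set(['href']) };          // no attributes at all on other tags
const SAFE_URL = /^(https?:|mailto:|\/|#)/i;              // rejects javascript:, data:, vbscript: ...

function escapeHtml(s) {
  return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

// Rebuild one tag from scratch, keeping only allowed attributes with safe values.
function sanitizeTag(rawTag) {
  const m = /^<(\/?)([a-zA-Z][a-zA-Z0-9]*)([^>]*)>$/.exec(rawTag);
  if (!m) return escapeHtml(rawTag);                     // malformed "tag": treat as text
  const closing = m[1] === '/';
  const name = m[2].toLowerCase();
  if (!ALLOWED_TAGS.has(name)) return '';                // script, img, iframe, svg ... removed whole
  if (closing) return `</${name}>`;
  const allowed = ALLOWED_ATTRS[name] || new Set();
  const attrs = [];
  const attrRe = /([a-zA-Z-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;
  let a;
  while ((a = attrRe.exec(m[3])) !== null) {
    const key = a[1].toLowerCase();
    const val = a[2] ?? a[3] ?? a[4] ?? '';
    if (!allowed.has(key)) continue;                     // drops onerror, onclick, style, srcdoc ...
    if (key === 'href' && !SAFE_URL.test(val.trim())) continue; // drops javascript: links
    attrs.push(` ${key}="${val.replace(/"/g, '&quot;')}"`);
  }
  return `<${name}${attrs.join('')}>`;
}

// Tokenize into tags and text runs; text is escaped, tags are rebuilt from the allow-list.
// A stray "<" without a closing ">" is also caught and escaped.
function sanitizeGreeting(html) {
  return html.replace(/<[^>]*>?|[^<]+/g, tok => (tok.startsWith('<') ? sanitizeTag(tok) : escapeHtml(tok)));
}

module.exports = { sanitizeGreeting };
```

The body of a removed element (e.g. the text inside a script tag) survives only as inert, escaped text, which is the behaviour rehype-sanitize's default schema also produces.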