XSS in Langgenius Dify
CVE-2025-58747
Dify is an LLM application development platform. In Dify versions through 1.9.1, the MCP OAuth component is vulnerable to cross-site scripting when a victim connects to an attacker-controlled remote MCP server. The vulnerability exists in…
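The description above says only that the XSS is reachable through data returned by an attacker-controlled remote MCP server during the OAuth flow; it does not name the vulnerable field or the sink in Dify. The following is an added example, not Dify's code and not the fix in the referenced commit, showing the two checks a client should apply to any OAuth data a remote server controls: allowlisting the URL scheme before a server-supplied URL is used as a navigation target, and escaping server-supplied text before it is placed in HTML. The field names authorization_endpoint and server_name are assumptions taken from common OAuth server metadata, and the sample responses are constructed.

```javascript
// Added example (not Dify's code): hardening checks for data that a remote
// MCP server controls during an OAuth flow. The advisory text does not say
// which field or sink was vulnerable, so the field names below
// (authorization_endpoint, server_name) are assumptions based on common
// OAuth server metadata, not on the Dify fix.

// Only these schemes may ever be used as a navigation target. A
// "javascript:" or "data:" URL returned by a hostile server would otherwise
// execute in the victim's origin when opened or assigned to location.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Returns a normalized absolute URL string, or null if the value is not a
// safe navigation target. The URL parser (rather than a regex on the raw
// string) strips tabs/newlines and lowercases the scheme the same way the
// browser will, so "java\tscript:" and "JavaScript:" are caught too.
function safeNavigationUrl(value) {
  if (typeof value !== "string") return null;
  let url;
  try {
    url = new URL(value); // throws on relative or malformed input
  } catch {
    return null;
  }
  if (!ALLOWED_SCHEMES.has(url.protocol)) return null;
  return url.href;
}

// Escapes text that will be concatenated into HTML markup. Prefer
// textContent or a framework's text binding; use this only where a string
// must go into an HTML template.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (c) => map[c]);
}

// Vets server-controlled metadata before the client acts on it.
// Returns { ok: true, authorizationUrl, displayName } or { ok: false, reason }.
function vetRemoteServerMetadata(metadata) {
  const authorizationUrl = safeNavigationUrl(metadata.authorization_endpoint);
  if (authorizationUrl === null) {
    return { ok: false, reason: "authorization_endpoint is not an http(s) URL" };
  }
  return {
    ok: true,
    authorizationUrl,
    displayName: escapeHtml(metadata.server_name ?? ""),
  };
}

// Constructed sample responses (not captured from any real server).
const hostileMetadata = {
  authorization_endpoint: "javascript:alert(document.cookie)",
  server_name: "<img src=x onerror=alert(1)>",
};
const benignMetadata = {
  authorization_endpoint: "https://auth.example.com/authorize?client_id=abc",
  server_name: "Example MCP",
};

console.log(vetRemoteServerMetadata(hostileMetadata)); // rejected: bad scheme
console.log(vetRemoteServerMetadata(benignMetadata));  // accepted, name escaped
```

The scheme allowlist is the important half: an escaping routine does nothing for a URL that is handed to window.open or location.href, and a denylist of "javascript:" alone misses case and whitespace variants that the browser's own parser would normalize into an executable URL.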
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.000 (13.8th percentile)
Affected products
- Langgenius Dify — versions <= 1.9.1
Weakness classification (CWE)
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
References
- https://github.com/langgenius/dify/security/advisories/GHSA-9jch-j9qf-vqfw (x_refsource_CONFIRM)
- https://github.com/langgenius/dify/commit/bfda4ce7e6f39d43a4420e97e23a18edcfe3e3d3 (x_refsource_MISC)