{"data":{"id":"1c2202eb-b54c-46f6-a949-106247825b21","title":"GHSA-728h-4mwj-f2p4: FlowiseAI: CustomTemplate create+update mass-assignment allows cross-workspace template takeover","summary":"FlowiseAI has a mass assignment vulnerability (a security flaw where an attacker can modify database fields they shouldn't be able to) in its CustomTemplate feature that allows authenticated users to move templates between workspaces by including a `workspaceId` field in their request. This breaks workspace isolation (the separation that prevents users from accessing data outside their assigned workspace), allowing an attacker to take over templates from other workspaces, since the code uses `Object.assign()` to copy user input directly into database records without filtering which fields are allowed.","solution":"The fix uses an allowlist pattern (explicitly allowing only certain safe fields to be copied from user input) and has already been applied in PR https://github.com/FlowiseAI/Flowise/pull/6129.\nThe vulnerable code at line 211 of `packages/server/src/services/marketplaces/index.ts` that used `Object.assign(newTemplate, body)` was replaced with code that only copies approved fields, matching the same fix pattern that was previously applied to the DocumentStore entity in commit 840d2ae.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-728h-4mwj-f2p4","publishedAt":"2026-05-14T16:19:32.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":[],"issueType":"vulnerability","affectedPackages":["flowise@<= 3.1.1 (fixed: 3.1.2)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["FlowiseAI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-05-14T16:19:32.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}