GHSA-mq53-pc65-wjc4: FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover
Summary
FlowiseAI has a mass assignment vulnerability (client input copied onto a persisted object without filtering which fields are allowed) in its Evaluation feature. Because the create and update handlers copy the request body onto the Evaluation entity wholesale, an authenticated user can move an evaluation between workspaces by including a `workspaceId` field in the request body. This breaks workspace isolation (the separation that keeps one team's or organization's data apart from another's) and lets an attacker read or modify another workspace's evaluation data, including sensitive material such as prompts and model outputs.
Solution / Mitigation
The advisory states the vulnerability was "already fixed in PR https://github.com/FlowiseAI/Flowise/pull/6050 (allowlist pattern applied)." The fix applies an allowlist pattern: the handler explicitly names which request-body fields may be copied onto the entity, instead of accepting every field via `Object.assign()`. Fields that identify ownership, such as `workspaceId`, are therefore never taken from the client. The same pattern had previously been applied to the DocumentStore entity in commit 840d2ae.
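The vulnerable and hardened update paths side by side, as an added illustration written for this page; it is not Flowise's code. The `Evaluation` shape, the field names in `EVALUATION_WRITABLE_FIELDS`, the sample request body and the notion that the caller's workspace comes from a server-side session are all assumptions made for the example.

```typescript
// Added example (not Flowise's code). Entity shape and writable fields are assumed.
interface Evaluation {
  id: string
  workspaceId: string
  name: string
  chatflowId: string
  datasetId: string
  evaluationType: string
}

// Assumed allowlist: the only body fields a client may set on create or update.
// Ownership fields (id, workspaceId) are deliberately absent.
const EVALUATION_WRITABLE_FIELDS = ['name', 'chatflowId', 'datasetId', 'evaluationType'] as const

// Vulnerable pattern: every key in the body lands on the entity, workspaceId included.
function updateEvaluationVulnerable(existing: Evaluation, body: Record<string, unknown>): Evaluation {
  return Object.assign({ ...existing }, body) as Evaluation
}

// Hardened pattern: copy only allowlisted string fields; everything else is ignored.
function updateEvaluationHardened(existing: Evaluation, body: Record<string, unknown>): Evaluation {
  const updated: Evaluation = { ...existing }
  for (const field of EVALUATION_WRITABLE_FIELDS) {
    const value = body[field]
    if (typeof value === 'string') {
      updated[field] = value
    }
  }
  return updated
}

// Hardened create: the workspace comes from the authenticated session, never from the body.
function createEvaluationHardened(
  body: Record<string, unknown>,
  sessionWorkspaceId: string,
  newId: string
): Evaluation {
  const base: Evaluation = {
    id: newId,
    workspaceId: sessionWorkspaceId,
    name: '',
    chatflowId: '',
    datasetId: '',
    evaluationType: '',
  }
  return updateEvaluationHardened(base, body)
}

// Lists body keys outside the allowlist, useful for logging or rejecting suspicious requests.
function unexpectedFields(body: Record<string, unknown>): string[] {
  const allowed: readonly string[] = EVALUATION_WRITABLE_FIELDS
  return Object.keys(body).filter((key) => !allowed.includes(key))
}

// Constructed sample: an evaluation owned by workspace ws-A and a request body
// that renames it while also trying to reassign it to workspace ws-B.
const SAMPLE_EXISTING: Evaluation = {
  id: 'eval-1',
  workspaceId: 'ws-A',
  name: 'baseline',
  chatflowId: 'cf-1',
  datasetId: 'ds-1',
  evaluationType: 'llm',
}
const SAMPLE_BODY: Record<string, unknown> = { name: 'renamed', workspaceId: 'ws-B' }

function demo(): { vulnerableWorkspace: string; hardenedWorkspace: string; flagged: string[] } {
  return {
    vulnerableWorkspace: updateEvaluationVulnerable(SAMPLE_EXISTING, SAMPLE_BODY).workspaceId,
    hardenedWorkspace: updateEvaluationHardened(SAMPLE_EXISTING, SAMPLE_BODY).workspaceId,
    flagged: unexpectedFields(SAMPLE_BODY),
  }
}

console.log(demo())
```

With the sample body, the vulnerable path reassigns the evaluation to `ws-B`, while the hardened path keeps it in `ws-A` and still applies the allowed `name` change; `unexpectedFields` reports `workspaceId` so the request can be logged or rejected rather than silently trimmed.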
Classification
Affected Vendors
Affected Packages
Related Issues
Original source: https://github.com/advisories/GHSA-mq53-pc65-wjc4
First tracked: May 14, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 92%