GHSA-728h-4mwj-f2p4: FlowiseAI: CustomTemplate create+update mass-assignment allows cross-workspace template takeover
Summary
FlowiseAI has a mass assignment vulnerability (a flaw where a caller can set database fields the request was never meant to control) in its CustomTemplate feature. The create and update handlers copy the request body straight into the entity with `Object.assign()`, without filtering which fields are accepted, so an authenticated user can include a `workspaceId` field and reassign a template to another workspace. This breaks workspace isolation (the boundary that stops users from reading or changing data outside their assigned workspace) and lets an attacker take over templates belonging to other workspaces.
Solution / Mitigation
The fix uses an allowlist pattern (only an explicit set of safe fields is copied from user input; everything else, including `workspaceId`, is ignored) and has been applied in PR https://github.com/FlowiseAI/Flowise/pull/6129. The vulnerable code at line 211 of `packages/server/src/services/marketplaces/index.ts`, which called `Object.assign(newTemplate, body)`, was replaced with code that copies only approved fields, the same fix pattern previously applied to the DocumentStore entity in commit 840d2ae. When upgrading, confirm the deployed build actually includes that PR, and check whether any other service in the codebase still merges a request body into an entity with `Object.assign()`, since the DocumentStore precedent shows the pattern was not limited to one handler.
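The following TypeScript block is an added illustration of the vulnerable pattern and its allowlist fix, not code from the Flowise repository or the PR. The `workspaceId` field comes from the advisory; the other entity fields, the in-memory records and the function names are assumptions chosen for the example. It also adds a workspace-scoping check on update, which goes one step beyond the allowlist described above, because an allowlist alone does not stop a caller from updating a template it can address by id in another workspace.

```typescript
// Added example (not Flowise's own code). Field names other than
// `workspaceId`, and the sample records, are assumptions for illustration.

interface CustomTemplate {
  id: string;
  workspaceId: string;
  name: string;
  description: string;
  flowData: string;
}

// The only fields a caller may set on create or update. `workspaceId` is
// deliberately absent: it is taken from the authenticated session, never
// from the request body.
const TEMPLATE_WRITABLE_FIELDS = ["name", "description", "flowData"] as const;

// Vulnerable pattern: the whole body is merged into the record, so any
// column the caller names (including workspaceId) is overwritten.
function updateTemplateVulnerable(
  existing: CustomTemplate,
  body: Record<string, unknown>
): CustomTemplate {
  const updated: CustomTemplate = { ...existing };
  Object.assign(updated, body);
  return updated;
}

// Hardened pattern: copy only allowlisted keys, validate their type, and
// refuse to touch a template that is not in the caller's workspace.
function updateTemplateHardened(
  existing: CustomTemplate,
  body: Record<string, unknown>,
  callerWorkspaceId: string
): CustomTemplate {
  if (existing.workspaceId !== callerWorkspaceId) {
    // Same response as "does not exist" so ids in other workspaces
    // cannot be enumerated through error messages.
    throw new Error("template not found");
  }
  const updated: CustomTemplate = { ...existing };
  for (const key of TEMPLATE_WRITABLE_FIELDS) {
    if (Object.prototype.hasOwnProperty.call(body, key)) {
      const value = body[key];
      if (typeof value !== "string") {
        throw new Error(`field ${key} must be a string`);
      }
      updated[key] = value;
    }
  }
  return updated;
}

// Hardened create: the record is built field by field, and workspaceId is
// set from the session. A body-supplied workspaceId is never read.
function createTemplateHardened(
  id: string,
  body: Record<string, unknown>,
  callerWorkspaceId: string
): CustomTemplate {
  const blank: CustomTemplate = {
    id,
    workspaceId: callerWorkspaceId,
    name: "",
    description: "",
    flowData: "",
  };
  // Reuse the update path so both handlers share one allowlist.
  return updateTemplateHardened(blank, body, callerWorkspaceId);
}

// Constructed sample: a template owned by workspace ws-A, and a request body
// from a ws-A user that smuggles a workspaceId pointing at ws-B.
const sampleTemplate: CustomTemplate = {
  id: "tpl-1",
  workspaceId: "ws-A",
  name: "original",
  description: "",
  flowData: "{}",
};
const hostileBody: Record<string, unknown> = {
  name: "renamed",
  workspaceId: "ws-B",
};
```

Run the vulnerable function on `sampleTemplate` with `hostileBody` and the returned record carries `workspaceId: "ws-B"`; the hardened function returns the rename but keeps `ws-A`, and throws if the caller's session belongs to a different workspace than the template. The type check inside the loop matters too: with an ORM that builds queries from the entity, a non-string value in an allowlisted field is still untrusted input.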
Classification
Affected Vendors
Affected Packages
Related Issues
CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
Original source: https://github.com/advisories/GHSA-728h-4mwj-f2p4
First tracked: May 14, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%