Flowise
cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*
- <= 3.0.13
A Cypher injection vulnerability has been identified in Flowise versions prior to 3.1.0, specifically within the GraphCypherQAChain node. This issue arises because user input is forwarded directly into the Cypher query execution pipeline without adequate sanitization. As a result, an attacker can inject arbitrary Cypher commands that are executed on the connected Neo4j database, potentially leading to unauthorized data access, modification, deletion, or exfiltration. The vulnerability is present in Flowise's core package and the flowise-components package, both of which are affected in versions through 3.0.13.
Exploitation of this vulnerability allows for direct injection of Cypher commands into the Neo4j database, where the injected commands are executed without any sanitization. This could result in unauthorized data access, modification, deletion, or exfiltration. Additionally, commands could be injected to destroy data or manipulate the database schema.
To reproduce this vulnerability, first, set up a Neo4j database and create test data. Then, configure a Flowise chatflow that includes the Graph Cypher QA Chain node, ensuring it is connected to a Neo4j Graph node with valid credentials. Once the chatflow is set up, access the prediction endpoint of the chatflow's API and inject Cypher commands through the GraphCypherQAChain node.
Users can upgrade to Flowise version 3.1.0 or later, where this vulnerability has been fixed.
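A defence-in-depth check for deployments where the chain only needs to read from the graph, as an added example (not Flowise's code and not the 3.1.0 fix): it fails closed on write or administrative clauses, stacked statements and unterminated literals before a generated query reaches Neo4j. The function names and the `execute` callback are assumptions of this example.

```javascript
// Added example: read-only gate for generated Cypher. Not Flowise's own code.
// Clauses that write data, change schema or privileges, or call procedures.
const FORBIDDEN = new Set([
  'CREATE', 'MERGE', 'DELETE', 'DETACH', 'SET', 'REMOVE', 'DROP',
  'FOREACH', 'CALL', 'LOAD', 'ALTER', 'GRANT', 'DENY', 'REVOKE',
]);

// String literals, backtick-quoted identifiers and comments are blanked out
// first, so keywords inside data values do not trigger a rejection and
// keywords cannot be hidden from the check behind a comment.
const LITERALS_AND_COMMENTS =
  /'(?:\\[\s\S]|[^'\\])*'|"(?:\\[\s\S]|[^"\\])*"|`(?:``|[^`])*`|\/\/[^\n]*|\/\*[\s\S]*?\*\//g;

function checkReadOnlyCypher(query) {
  if (typeof query !== 'string' || query.trim() === '') {
    return { ok: false, reason: 'empty or non-string query' };
  }
  const code = query.replace(LITERALS_AND_COMMENTS, ' ');
  // A leftover quote or comment opener means the input was unbalanced.
  if (/['"`]|\/\*/.test(code)) {
    return { ok: false, reason: 'unterminated literal or comment' };
  }
  // Only a single statement is allowed; a trailing semicolon is tolerated.
  if (/;\s*\S/.test(code)) {
    return { ok: false, reason: 'multiple statements' };
  }
  // Conservative on purpose: a property named "set" is rejected as well.
  for (const word of code.toUpperCase().match(/[A-Z_][A-Z0-9_]*/g) || []) {
    if (FORBIDDEN.has(word)) {
      return { ok: false, reason: `forbidden clause ${word}` };
    }
  }
  return { ok: true, reason: 'read-only' };
}

// `execute` is a hypothetical callback that sends the query to Neo4j.
function runIfReadOnly(query, execute) {
  const verdict = checkReadOnlyCypher(query);
  if (!verdict.ok) {
    throw new Error(`Cypher rejected: ${verdict.reason}`);
  }
  return execute(query);
}
```

Pair it with a Neo4j account that has read-only privileges, since a keyword filter can only narrow what reaches the database.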