Flowise Mass Assignment Vulnerability in Assistant Update Endpoint Allows Cross-Workspace Resource Reassignment

A mass assignment vulnerability has been identified in Flowise versions prior to 3.1.2, specifically within the assistant update endpoint. This vulnerability allows authenticated users to modify server-controlled properties, such as workspaceId, createdDate, and updatedDate, when updating an assistant resource. The issue arises from a lack of proper server-side validation and authorization checks, enabling attackers to manipulate the workspaceId field and reassign assistants to arbitrary workspaces. This flaw disrupts tenant isolation in multi-workspace environments.

Impact

Exploitation of this vulnerability allows for cross-workspace reassignment of assistants, breaking tenant isolation boundaries in multi-tenant deployments. Additionally, it enables unauthorized modification of metadata fields such as createdDate and updatedDate.

Reproduction

To reproduce this vulnerability, authenticate to the Flowise interface and capture a request to the assistant update endpoint. Modify the request body to include server-controlled fields, such as workspaceId, along with assistant metadata. Send the request and observe that the injected workspaceId and metadata fields are accepted and persisted by the server.

Remediation

Users can update to Flowise version 3.1.2 or later, where this vulnerability has been patched.