Flowise Mass Assignment Vulnerability in Dataset Management Allows Cross-Workspace Data Takeover

A mass assignment vulnerability has been identified in Flowise, a user interface for building customized large language model flows. This issue, present in versions prior to 3.1.2, allows for cross-workspace dataset takeover by exploiting the dataset creation and update processes. The vulnerability arises because the Dataset controller does not properly validate which fields can be overwritten, enabling authenticated users to manipulate dataset ownership and access through the workspaceId field.

Impact

Exploitation of this vulnerability allows authenticated users to transfer datasets between workspaces, violating workspace boundaries and exposing sensitive data to unauthorized users. This could lead to misuse of training and evaluation data, which is critical for managing large language model workflows.

Reproduction

To reproduce this vulnerability, an authenticated user must first create a dataset in their workspace or use an existing one. The user can then send a request to update the dataset, including a workspaceId from a different workspace. The request will be processed as if it originated from the user's current workspace, but will result in the dataset being transferred to the other workspace, thereby bypassing workspace isolation.

Remediation

Users can update to Flowise version 3.1.2 or later, where this vulnerability has been patched. The update is available on the Flowise GitHub Releases page.