2 matches found
CVE-2026-42861 Flowise: Mass Assignment in Variable Update Endpoint Allows Cross-Workspace Resource Reassignment
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the variable update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId,...
NPM: FlowiseAI has Mass Assignment in Variable Update Endpoint that Allows Cross-Workspace Resource Reassignment
NPM: FlowiseAI has Mass Assignment in Variable Update Endpoint that Allows Cross-Workspace Resource Reassignment vulnerability discovered by ? in WordPress Npm flowise versions = 3.1.1...