Mass Assignment
Flowise is vulnerable to Mass Assignment. The vulnerability is due to insufficient validation and authorization checks in the evaluator create and update operations, where authenticated users can modify server-controlled properties to take over evaluators across workspaces...