Improper Authentication

Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Improper Authentication via the Self-Service Settings API. An attacker can circumvent centralized identity management and multi-factor authentication by disabling SSO enforcement for their own accou...

Improper Authentication

Overview @n8n/api-types is a fair-code workflow automation platform with native AI capabilities Affected versions of this package are vulnerable to Improper Authentication via the Self-Service Settings API. An attacker can circumvent centralized identity management and multi-factor authentication...

n8n has an SSO Enforcement Bypass in its Self-Service Settings API

Impact An authenticated user signed in through Single Sign-On SSO could disable SSO enforcement for their own account through the n8n API. This allowed the user to create a local password and authenticate directly with email and password, completely bypassing the organization's SSO policy,...

Improper Authentication

Overview @n8n/rest-api-client is a This package contains the REST API calls for n8n. Affected versions of this package are vulnerable to Improper Authentication via the Self-Service Settings API. An attacker can circumvent centralized identity management and multi-factor authentication by disabli...

GHSA-VJF3-2GPJ-233V n8n has an SSO Enforcement Bypass in its Self-Service Settings API

Impact An authenticated user signed in through Single Sign-On SSO could disable SSO enforcement for their own account through the n8n API. This allowed the user to create a local password and authenticate directly with email and password, completely bypassing the organization's SSO policy,...