Threat Feed

Tag

Cross-Workspace

6 briefs
high advisory

FlowiseAI Cross-Workspace Assistant Takeover via Mass Assignment

FlowiseAI has a mass assignment vulnerability in the Assistant controller/service that allows an attacker, authenticated as a member of one workspace, to move an assistant (including configurations, instructions, tools and credentials) to another workspace by overwriting the `workspaceId` and `id` fields in the request body, leading to cross-workspace data takeover and IDOR.

flowise <= 3.1.1 mass-assignment cross-workspace flowiseai
2r
high advisory

FlowiseAI CustomTemplate Mass Assignment Allows Cross-Workspace Template Takeover

FlowiseAI is vulnerable to cross-workspace data takeover due to mass assignment in the CustomTemplate controller, allowing an attacker to move templates to other workspaces by overwriting the `workspaceId` via API request.

Flowise <= 3.1.1 mass-assignment cross-workspace privilege-escalation
2r 1t
high advisory

FlowiseAI Cross-Workspace Dataset Takeover via Mass Assignment

FlowiseAI has a mass assignment vulnerability via `Object.assign(entity, body)`, which allows a client-controlled `workspaceId` to overwrite the value on the Dataset entity, leading to cross-workspace data takeover and IDOR.

flowise mass-assignment cross-workspace idor flowiseai
2r 1t
high advisory

FlowiseAI DatasetRow Mass Assignment Allows Cross-Workspace Data Takeover

FlowiseAI has a mass assignment vulnerability in the DatasetRow controller/service that allows an authenticated attacker to overwrite the `workspaceId` and `id` of a DatasetRow entity, leading to cross-workspace data takeover and IDOR.

flowise <= 3.1.1 mass-assignment idor cross-workspace
2r 1t
high advisory

FlowiseAI Evaluation Cross-Workspace Data Takeover via Mass Assignment

FlowiseAI has a mass assignment vulnerability (fixed in PR 6050) that allows authenticated users to move Evaluation entities between workspaces by overwriting the `workspaceId` field via API request, leading to unauthorized data access.

flowise +1 mass-assignment cross-workspace privilege-escalation
2r 1t
high advisory

FlowiseAI Chatflow Update Endpoint Mass Assignment Vulnerability

A mass assignment vulnerability exists in FlowiseAI's chatflow update endpoint (CVE-2026-42863), allowing authenticated users to modify server-controlled properties like `deployed`, `isPublic`, and `workspaceId` due to missing server-side validation, leading to cross-workspace resource reassignment and unauthorized modification of deployment and visibility settings.

flowise mass-assignment privilege-escalation cross-workspace flowiseai
2r 2t