Common Weakness Enumeration

CWE-915

Allowed

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Abstraction: Base · Status: Incomplete

The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified.

275 vulnerabilities reference this CWE, most recent first.

GHSA-W6RX-9G2X-MG5G

Vulnerability from github – Published: 2024-12-10 00:31 – Updated: 2025-06-04 00:43
VLAI
Summary
Drupal core contains a potential PHP Object Injection vulnerability
Details

Drupal core contains a potential PHP Object Injection vulnerability that (if combined with another exploit) could lead to Remote Code Execution. It is not directly exploitable.

This issue is mitigated by the fact that in order for it to be exploitable, a separate vulnerability must be present to allow an attacker to pass unsafe input to unserialize(). There are no such known exploits in Drupal core.

To help protect against this potential vulnerability, types have been added to properties in some of Drupal core's classes. If an application extends those classes, the same types may need to be specified on the subclass to avoid a TypeError.

This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.8.0"
            },
            {
              "fixed": "10.2.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.3.0"
            },
            {
              "fixed": "10.3.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0"
            },
            {
              "fixed": "11.0.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/core-recommended"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.8.0"
            },
            {
              "fixed": "10.2.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/core-recommended"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.3.0"
            },
            {
              "fixed": "10.3.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/core-recommended"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0"
            },
            {
              "fixed": "11.0.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/drupal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.8.0"
            },
            {
              "fixed": "10.2.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/drupal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.3.0"
            },
            {
              "fixed": "10.3.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "drupal/drupal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0"
            },
            {
              "fixed": "11.0.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-55637"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502",
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-12-10T19:09:22Z",
    "nvd_published_at": "2024-12-10T00:15:22Z",
    "severity": "HIGH"
  },
  "details": "Drupal core contains a potential PHP Object Injection vulnerability that (if combined with another exploit) could lead to Remote Code Execution. It is not directly exploitable.\n\nThis issue is mitigated by the fact that in order for it to be exploitable, a separate vulnerability must be present to allow an attacker to pass unsafe input to `unserialize()`. There are no such known exploits in Drupal core.\n\nTo help protect against this potential vulnerability, types have been added to properties in some of Drupal core\u0027s classes. If an application extends those classes, the same types may need to be specified on the subclass to avoid a `TypeError`.\n\nThis issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.",
  "id": "GHSA-w6rx-9g2x-mg5g",
  "modified": "2025-06-04T00:43:36Z",
  "published": "2024-12-10T00:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55637"
    },
    {
      "type": "WEB",
      "url": "https://github.com/drupal/core/commit/1664030d399c73b4144f410f2ccc68c66a947f8d"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/drupal/core"
    },
    {
      "type": "WEB",
      "url": "https://www.drupal.org/sa-core-2024-007"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Drupal core contains a potential PHP Object Injection vulnerability"
}

GHSA-WFWQ-XC57-FQ7V

Vulnerability from github – Published: 2021-05-25 15:59 – Updated: 2023-07-13 17:59
VLAI
Summary
eivindfjeldstad-dot contains prototype pollution vulnerability
Details

eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto' payload.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@eivifj/dot"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-7639"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-07T23:58:45Z",
    "nvd_published_at": "2020-04-06T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function \u0027set\u0027 could be tricked into adding or modifying properties of \u0027Object.prototype\u0027 using a \u0027__proto__\u0027 payload.",
  "id": "GHSA-wfwq-xc57-fq7v",
  "modified": "2023-07-13T17:59:31Z",
  "published": "2021-05-25T15:59:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7639"
    },
    {
      "type": "WEB",
      "url": "https://github.com/eivindfjeldstad/dot/commit/774e4b0c97ca35d2ae40df2cd14428d37dd07a0b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/eivindfjeldstad/dot"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-EIVIFJDOT-564435"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "eivindfjeldstad-dot contains prototype pollution vulnerability"
}

GHSA-WP4H-PVGW-5727

Vulnerability from github – Published: 2021-12-02 14:50 – Updated: 2021-12-02 14:45
VLAI
Summary
Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts
Details

Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.struts:struts2-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.5.22"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-0230"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-12-02T14:45:03Z",
    "nvd_published_at": "2020-09-14T17:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.",
  "id": "GHSA-wp4h-pvgw-5727",
  "modified": "2021-12-02T14:45:03Z",
  "published": "2021-12-02T14:50:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0230"
    },
    {
      "type": "WEB",
      "url": "https://cwiki.apache.org/confluence/display/ww/s2-059"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/struts"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.support.sap.com/#/notes/2982840"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/160108/Apache-Struts-2.5.20-Double-OGNL-Evaluation.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/160721/Apache-Struts-2-Forced-Multi-OGNL-Evaluation.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts"
}

GHSA-WXRR-JP8M-QQ7F

Vulnerability from github – Published: 2026-05-14 16:19 – Updated: 2026-06-09 18:40
VLAI
Summary
FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover
Details

Summary

Type: Mass assignment via Object.assign(entity, body) -> client-controlled workspaceId (and on create, id) overwritten on the Evaluator entity -> cross-workspace data takeover and IDOR. File: packages/server/src/Interface.Evaluation.ts Root cause: The Evaluator controller/service constructs a new Evaluator() and copies the request body into it via Object.assign(...) without an explicit field allowlist. The request body therefore can include workspaceId, id, createdDate, updatedDate. The server only rebinds some of these after the assign (e.g. on create, it overwrites workspaceId but not id; on update, it overwrites id but not workspaceId). The remaining client-controlled values land directly on the persisted row, breaking workspace isolation. Same root pattern as the evaluator entity's sibling controllers and as DocumentStore before it was patched in commit 840d2ae.

Affected Code

File: packages/server/src/Interface.Evaluation.ts

// at line 85
Object.assign(newEvaluator, body)       // <-- BUG: body.id, body.workspaceId, body.createdDate, body.updatedDate accepted

Why it's wrong: Object.assign(target, source) copies every own enumerable property of source onto target. The TypeORM/SQL persistence layer below it does not strip ownership-bearing columns, so workspaceId set in the request body lands as the new workspaceId of the persisted row. The DocumentStore patch (commit 840d2ae) demonstrated the intended fix shape (explicit field-by-field allowlist) but it has not been applied to this entity.

Exploit Chain

  1. Attacker is an authenticated member of workspace A. They have a session cookie / JWT for the Flowise web UI. State at this point: attacker can read and write entities scoped to workspace A.
  2. Attacker creates a evaluator in workspace A via the documented API (or reuses an existing one they own). They note its entity id.
  3. Attacker issues a PUT /api/v1/evaluators/<id> (or equivalent endpoint) with a JSON body that includes "workspaceId": "<workspace-B-id>" (an arbitrary other workspace's UUID). State at this point: the request reaches the controller as a workspace-A authenticated request.
  4. The controller calls Object.assign(updateEntity, body). The body's workspaceId overwrites the entity's workspaceId field. The persistence layer commits the row.
  5. Final state: the evaluator row is now owned by workspace B. Workspace B members can see it, modify it, and use it. Workspace A loses access (it no longer satisfies their workspace filter). The original creator's workspace audit shows nothing because the operation looked like a normal update.

Security Impact

Severity: High. Cross-workspace boundary violation by any authenticated workspace member. Attacker capability: Any authenticated user with permission to update a evaluator can move it to any workspace whose UUID they can guess or enumerate (workspace UUIDs are exposed in many API responses, so enumeration is trivial). Evaluators score model outputs and can be moved into another workspace via workspaceId overwrite, making the evaluator (and its scoring rubric) appear there. Preconditions: Authenticated session with edit permission for the source evaluator. No second factor required. Workspace UUIDs are exposed via the /api/v1/workspaces listing or via any cross-referenced object's workspaceId field, so target enumeration is trivial. Differential: PoC-verified by source inspection of the original GHSA-q4pr-4r26-c69r. Patched build (with the suggested fix below) refuses the workspaceId field; vulnerable build accepts it and persists it.

Suggested Fix

Already fixed in PR https://github.com/FlowiseAI/Flowise/pull/6050 (allowlist pattern applied).

// Allowlist pattern (matches commit 840d2ae for DocumentStore):
const updatedEvaluator = new Evaluator()
if (body.<allowed_field_1> !== undefined) updatedEvaluator.<allowed_field_1> = body.<allowed_field_1>
if (body.<allowed_field_2> !== undefined) updatedEvaluator.<allowed_field_2> = body.<allowed_field_2>
// ...whitelist only the documented fields. Never copy id, workspaceId, createdDate, updatedDate from the client.

Regression tests should assert that a request body containing workspaceId, id, createdDate, or updatedDate is rejected (or at minimum: does not change those columns on the persisted row) for both create and update paths.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.1.1"
      },
      "package": {
        "ecosystem": "npm",
        "name": "flowise"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-46480"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-14T16:19:52Z",
    "nvd_published_at": "2026-06-08T16:16:42Z",
    "severity": "HIGH"
  },
  "details": "## Summary\n\n**Type:** Mass assignment via `Object.assign(entity, body)` -\u003e client-controlled `workspaceId` (and on create, `id`) overwritten on the Evaluator entity -\u003e cross-workspace data takeover and IDOR.\n**File:** `packages/server/src/Interface.Evaluation.ts`\n**Root cause:** The Evaluator controller/service constructs a `new Evaluator()` and copies the request body into it via `Object.assign(...)` without an explicit field allowlist. The request body therefore can include `workspaceId`, `id`, `createdDate`, `updatedDate`. The server only rebinds *some* of these after the assign (e.g. on create, it overwrites `workspaceId` but not `id`; on update, it overwrites `id` but not `workspaceId`). The remaining client-controlled values land directly on the persisted row, breaking workspace isolation. Same root pattern as the evaluator entity\u0027s sibling controllers and as `DocumentStore` before it was patched in commit 840d2ae.\n\n## Affected Code\n\n**File:** `packages/server/src/Interface.Evaluation.ts`\n\n```ts\n// at line 85\nObject.assign(newEvaluator, body)       // \u003c-- BUG: body.id, body.workspaceId, body.createdDate, body.updatedDate accepted\n```\n\n**Why it\u0027s wrong:** `Object.assign(target, source)` copies every own enumerable property of `source` onto `target`. The TypeORM/SQL persistence layer below it does not strip ownership-bearing columns, so `workspaceId` set in the request body lands as the new `workspaceId` of the persisted row. The DocumentStore patch (commit 840d2ae) demonstrated the intended fix shape (explicit field-by-field allowlist) but it has not been applied to this entity.\n\n## Exploit Chain\n\n1. Attacker is an authenticated member of workspace A. They have a session cookie / JWT for the Flowise web UI. State at this point: attacker can read and write entities scoped to workspace A.\n2. Attacker creates a evaluator in workspace A via the documented API (or reuses an existing one they own). They note its entity `id`.\n3. Attacker issues a `PUT /api/v1/evaluators/\u003cid\u003e` (or equivalent endpoint) with a JSON body that includes `\"workspaceId\": \"\u003cworkspace-B-id\u003e\"` (an arbitrary other workspace\u0027s UUID). State at this point: the request reaches the controller as a workspace-A authenticated request.\n4. The controller calls `Object.assign(updateEntity, body)`. The body\u0027s `workspaceId` overwrites the entity\u0027s `workspaceId` field. The persistence layer commits the row.\n5. Final state: the evaluator row is now owned by workspace B. Workspace B members can see it, modify it, and use it. Workspace A loses access (it no longer satisfies their workspace filter). The original creator\u0027s workspace audit shows nothing because the operation looked like a normal update.\n\n## Security Impact\n\n**Severity:** High. Cross-workspace boundary violation by any authenticated workspace member.\n**Attacker capability:** Any authenticated user with permission to update a evaluator can move it to any workspace whose UUID they can guess or enumerate (workspace UUIDs are exposed in many API responses, so enumeration is trivial). Evaluators score model outputs and can be moved into another workspace via `workspaceId` overwrite, making the evaluator (and its scoring rubric) appear there.\n**Preconditions:** Authenticated session with edit permission for the source evaluator. No second factor required. Workspace UUIDs are exposed via the `/api/v1/workspaces` listing or via any cross-referenced object\u0027s `workspaceId` field, so target enumeration is trivial.\n**Differential:** PoC-verified by source inspection of the original GHSA-q4pr-4r26-c69r. Patched build (with the suggested fix below) refuses the `workspaceId` field; vulnerable build accepts it and persists it.\n\n## Suggested Fix\n\nAlready fixed in PR https://github.com/FlowiseAI/Flowise/pull/6050 (allowlist pattern applied).\n\n```ts\n// Allowlist pattern (matches commit 840d2ae for DocumentStore):\nconst updatedEvaluator = new Evaluator()\nif (body.\u003callowed_field_1\u003e !== undefined) updatedEvaluator.\u003callowed_field_1\u003e = body.\u003callowed_field_1\u003e\nif (body.\u003callowed_field_2\u003e !== undefined) updatedEvaluator.\u003callowed_field_2\u003e = body.\u003callowed_field_2\u003e\n// ...whitelist only the documented fields. Never copy id, workspaceId, createdDate, updatedDate from the client.\n```\n\nRegression tests should assert that a request body containing `workspaceId`, `id`, `createdDate`, or `updatedDate` is rejected (or at minimum: does not change those columns on the persisted row) for both create and update paths.",
  "id": "GHSA-wxrr-jp8m-qq7f",
  "modified": "2026-06-09T18:40:29Z",
  "published": "2026-05-14T16:19:52Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wxrr-jp8m-qq7f"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46480"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FlowiseAI/Flowise/pull/6050"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FlowiseAI/Flowise/commit/dc07f4062b852033554543a3cff3daf3433b0dac"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/FlowiseAI/Flowise"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover"
}

GHSA-X2FC-MXCX-W4MF

Vulnerability from github – Published: 2021-05-10 18:39 – Updated: 2022-07-05 17:36
VLAI
Summary
Prototype Pollution in mathjs
Details

The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "mathjs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-7743"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-21T19:47:53Z",
    "nvd_published_at": "2020-10-13T10:15:00Z",
    "severity": "HIGH"
  },
  "details": "The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.",
  "id": "GHSA-x2fc-mxcx-w4mf",
  "modified": "2022-07-05T17:36:48Z",
  "published": "2021-05-10T18:39:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7743"
    },
    {
      "type": "WEB",
      "url": "https://github.com/josdejong/mathjs/commit/ecb80514e80bce4e6ec7e71db8ff79954f07c57e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/josdejong/mathjs/blob/develop/HISTORY.md#2020-10-10-version-751"
    },
    {
      "type": "WEB",
      "url": "https://github.com/josdejong/mathjs/blob/develop/src/utils/object.js%23L82"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1017113"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1017112"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1017111"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-MATHJS-1016401"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/package/mathjs"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype Pollution in mathjs"
}

GHSA-X3C7-22C8-PRG7

Vulnerability from github – Published: 2025-06-13 21:09 – Updated: 2025-06-14 00:23
VLAI
Summary
handcraftedinthealps/goodby-csv has Potential Gadget Chain allowing Remote Code Execution
Details

Impact

goodby-csv could be used as part of a chain of methods that is exploitable when an insecure deserialization vulnerability exists in an application. This so-called "gadget chain" presents no direct threat but is a vector that can be used to achieve remote code execution if the application deserializes untrusted data due to another vulnerability.

Patches

Has the problem been patched? What versions should users upgrade to?

The problem is patched with Version 1.4.3

Workarounds

Patch src/Goodby/CSV/Export/Standard/Collection /CallbackCollection.php:

+    public function __wakeup() {
+       throw new \BadMethodCallException('Cannot unserialize ' . __CLASS__);
+    }

However, this is not directly exploitable; a separate vulnerability must be present to allow an attacker to pass unsafe input to unserialize(). There are no such known exploits in goodby-csv.

References

Are there any links users can visit to find out more?

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "handcraftedinthealps/goodby-csv"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-49597"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-06-13T21:09:00Z",
    "nvd_published_at": "2025-06-13T20:15:23Z",
    "severity": "LOW"
  },
  "details": "### Impact\n\ngoodby-csv could be used as part of a chain of methods that is exploitable when an insecure deserialization vulnerability exists in an application. This so-called \"gadget chain\" presents no direct threat but is a vector that can be used to achieve remote code execution if the application deserializes untrusted data due to another vulnerability.\n\n### Patches\n\nHas the problem been patched? What versions should users upgrade to?\n\nThe problem is patched with Version 1.4.3\n\n### Workarounds\n\nPatch `src/Goodby/CSV/Export/Standard/Collection /CallbackCollection.php`:\n\n```diff\n+    public function __wakeup() {\n+       throw new \\BadMethodCallException(\u0027Cannot unserialize \u0027 . __CLASS__);\n+    }\n```\n\nHowever, this is not directly exploitable; a separate vulnerability must be present to allow an attacker to pass unsafe input to unserialize(). There are no such known exploits in goodby-csv.\n\n### References\n_Are there any links users can visit to find out more?_",
  "id": "GHSA-x3c7-22c8-prg7",
  "modified": "2025-06-14T00:23:21Z",
  "published": "2025-06-13T21:09:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/handcraftedinthealps/goodby-csv/security/advisories/GHSA-x3c7-22c8-prg7"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49597"
    },
    {
      "type": "WEB",
      "url": "https://github.com/handcraftedinthealps/goodby-csv/commit/acd14c6ed85116bb2cb4da35ab62821e5cf54519"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/handcraftedinthealps/goodby-csv"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "handcraftedinthealps/goodby-csv has Potential Gadget Chain allowing Remote Code Execution"
}

GHSA-X3WR-V4WX-5QPC

Vulnerability from github – Published: 2021-06-21 17:14 – Updated: 2022-06-29 20:41
VLAI
Summary
Prototype Pollution
Details

Prototype pollution vulnerability in ‘expand-hash’ versions 0.1.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "expand-hash"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-25948"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-06-14T19:29:17Z",
    "nvd_published_at": "2021-06-10T12:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Prototype pollution vulnerability in \u2018expand-hash\u2019 versions 0.1.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.",
  "id": "GHSA-x3wr-v4wx-5qpc",
  "modified": "2022-06-29T20:41:54Z",
  "published": "2021-06-21T17:14:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25948"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/doowb/expand-hash"
    },
    {
      "type": "WEB",
      "url": "https://github.com/doowb/expand-hash/blob/556913f6c2f05848110b5b8261cfc78e5ce3dc77/index.js#L19"
    },
    {
      "type": "WEB",
      "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25948"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype Pollution"
}

GHSA-X5M4-G2CQ-52PQ

Vulnerability from github – Published: 2026-07-02 20:03 – Updated: 2026-07-02 20:03
VLAI
Summary
Craft CMS's mass assignment via id in newAttributes during bulk duplicate overwrites existing elements
Details

Summary

There is a mass-assignment flaw in the bulk-duplicate element action. Alice, holding only the permission to duplicate an entry she owns, submits an arbitrary id through the newAttributes request parameter. The duplication routine overrides its own id = null reset with that value and writes Alice’s attributes into Bob’s existing entry row.

Details

ElementsController::beforeAction() (src/controllers/ElementsController.php:119-124) pulls the request body into $this->_attributes and rejects requests that ship an id or canonicalId key at the top level:

$this->_attributes = $this->request->getBodyParams();

// No funny business
if (isset($this->_attributes['id']) || isset($this->_attributes['canonicalId'])) {
    throw new BadRequestHttpException('Changing an element’s ID is not allowed.');
}

The check inspects only the top-level payload. actionBulkDuplicate() (src/controllers/ElementsController.php:1708-1749) reads a separate newAttributes array and passes it straight through to the service layer:

$elementInfo = $this->request->getRequiredBodyParam('elements');
$newAttributes = $this->request->getRequiredBodyParam('newAttributes');
...
$safeNewAttributes = Collection::make($newAttributes)
    ->only($element->safeAttributes())
    ->all();
...
$newElement = $elementsService->duplicateElement(
    $element,
    $safeNewAttributes + $element::baseBulkDuplicateAttributes(),
    false,
    checkAuthorization: true,
);

Elements::duplicateElement() (src/services/Elements.php:1814-1840) clones the source element, sets id to null, and then hands the attacker's array to Craft::configure():

$mainClone = clone $element;
$mainClone->id = null;
$mainClone->uid = StringHelper::UUID();
...
Craft::configure($mainClone, ArrayHelper::merge(
    $newAttributes,
    $siteAttributes[$mainClone->siteId] ?? [],
));

Craft::configure() overwrites the reset id with any numeric value inside $newAttributes. Yii's saveElement() then performs an UPDATE against the row with that primary key instead of an INSERT. Alice's title, slug, authorId, postDate, and UID land on Bob’s entry.

safeAttributes() on Entry includes id because the base element model exposes it, so the Collection::only() filter does not strip it.

Impact

A low-privileged author overwrites any other element (entries, categories, users that share the Entry element table inheritance) by predicting or enumerating element IDs. Content integrity on the entire install breaks. The attack requires only the ability to duplicate one entry Alice already owns.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "craftcms/cms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.7.0"
            },
            {
              "fixed": "5.9.21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-50281"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-02T20:03:36Z",
    "nvd_published_at": "2026-07-02T17:17:00Z",
    "severity": "HIGH"
  },
  "details": "## Summary\n\nThere is a mass-assignment flaw in the bulk-duplicate element action. Alice, holding only the permission to duplicate an entry she owns, submits an arbitrary `id` through the `newAttributes` request parameter. The duplication routine overrides its own `id = null` reset with that value and writes Alice\u2019s attributes into Bob\u2019s existing entry row.\n\n## Details\n\n`ElementsController::beforeAction()` (`src/controllers/ElementsController.php:119-124`) pulls the request body into `$this-\u003e_attributes` and rejects requests that ship an `id` or `canonicalId` key at the top level:\n\n```php\n$this-\u003e_attributes = $this-\u003erequest-\u003egetBodyParams();\n\n// No funny business\nif (isset($this-\u003e_attributes[\u0027id\u0027]) || isset($this-\u003e_attributes[\u0027canonicalId\u0027])) {\n    throw new BadRequestHttpException(\u0027Changing an element\u2019s ID is not allowed.\u0027);\n}\n```\n\nThe check inspects only the top-level payload. `actionBulkDuplicate()` (`src/controllers/ElementsController.php:1708-1749`) reads a separate `newAttributes` array and passes it straight through to the service layer:\n\n```php\n$elementInfo = $this-\u003erequest-\u003egetRequiredBodyParam(\u0027elements\u0027);\n$newAttributes = $this-\u003erequest-\u003egetRequiredBodyParam(\u0027newAttributes\u0027);\n...\n$safeNewAttributes = Collection::make($newAttributes)\n    -\u003eonly($element-\u003esafeAttributes())\n    -\u003eall();\n...\n$newElement = $elementsService-\u003eduplicateElement(\n    $element,\n    $safeNewAttributes + $element::baseBulkDuplicateAttributes(),\n    false,\n    checkAuthorization: true,\n);\n```\n\n`Elements::duplicateElement()` (`src/services/Elements.php:1814-1840`) clones the source element, sets `id` to null, and then hands the attacker\u0027s array to `Craft::configure()`:\n\n```php\n$mainClone = clone $element;\n$mainClone-\u003eid = null;\n$mainClone-\u003euid = StringHelper::UUID();\n...\nCraft::configure($mainClone, ArrayHelper::merge(\n    $newAttributes,\n    $siteAttributes[$mainClone-\u003esiteId] ?? [],\n));\n```\n\n`Craft::configure()` overwrites the reset `id` with any numeric value inside `$newAttributes`. Yii\u0027s `saveElement()` then performs an UPDATE against the row with that primary key instead of an INSERT. Alice\u0027s title, slug, authorId, postDate, and UID land on Bob\u2019s entry.\n\n`safeAttributes()` on `Entry` includes `id` because the base element model exposes it, so the `Collection::only()` filter does not strip it.\n\n## Impact\n\nA low-privileged author overwrites any other element (entries, categories, users that share the Entry element table inheritance) by predicting or enumerating element IDs. Content integrity on the entire install breaks. The attack requires only the ability to duplicate one entry Alice already owns.",
  "id": "GHSA-x5m4-g2cq-52pq",
  "modified": "2026-07-02T20:03:36Z",
  "published": "2026-07-02T20:03:36Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/security/advisories/GHSA-x5m4-g2cq-52pq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50281"
    },
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/commit/8f6587c25050bbb6e080d59c71f6bb8932fc8600"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/craftcms/cms"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Craft CMS\u0027s mass assignment via id in newAttributes during bulk duplicate overwrites existing elements"
}

GHSA-X5V6-PJ28-CWWM

Vulnerability from github – Published: 2026-05-14 14:52 – Updated: 2026-06-09 13:09
VLAI
Summary
FlowiseAI has Mass Assignment in Tool Update Endpoint that Allows Cross-Workspace Resource Reassignment
Details

Summary

A Mass Assignment vulnerability exists in the tool update endpoint of FlowiseAI.

The endpoint allows authenticated users to modify server-controlled properties such as workspaceId, createdDate, and updatedDate when updating a tool resource.

Due to missing server-side validation and authorization checks, an attacker can manipulate the workspaceId field and reassign tools to arbitrary workspaces. This breaks tenant isolation in multi-workspace environments.

Details

The endpoint responsible for updating tools:

PUT /api/v1/tools/{toolId}

accepts a JSON request body containing tool metadata.

However, the server does not restrict which properties may be modified by the client. As a result, user-controlled request bodies can include additional fields that should normally be controlled only by the backend.

Server-controlled fields that can be manipulated include:

  1. workspaceId
  2. createdDate
  3. updatedDate

The request body is directly merged into the underlying database entity without proper DTO validation or authorization checks.

PoC

Authenticate to the Flowise interface.

Capture the request used to update a tool:

PUT /api/v1/tools/<TOOL_ID>
Content-Type: application/json

Modify the request body by injecting additional fields:

{
  "name": "aaa",
  "description": "bbb",
  "color": "linear-gradient(rgb(109,215,45), rgb(136,170,134))",
  "schema": "[]",
  "func": "",
  "iconSrc": "test",
  "workspaceId": "11111111-2222-3333-4444-555555555555",
  "createdDate": "1995-03-06T14:17:50.000Z",
  "updatedDate": "1995-03-06T14:17:50.000Z"
}

Send the request.

Observe that the response includes the manipulated fields:

{
  "workspaceId": "11111111-2222-3333-4444-555555555555",
  "createdDate": "1995-03-06T14:17:50.000Z"
}

This confirms that client-controlled values are accepted and persisted by the server.

Impact

This vulnerability allows authenticated users to manipulate internal attributes of tool resources.

Confirmed impacts include:

  • Cross-workspace reassignment of tools (workspaceId)
  • Unauthorized modification of metadata (createdDate, updatedDate)

In multi-tenant deployments, this may allow an attacker to move tools between workspaces without authorization, breaking tenant isolation boundaries.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.1.1"
      },
      "package": {
        "ecosystem": "npm",
        "name": "flowise"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-42862"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-639",
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-14T14:52:40Z",
    "nvd_published_at": "2026-06-08T16:16:39Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nA Mass Assignment vulnerability exists in the tool update endpoint of FlowiseAI.\n\nThe endpoint allows authenticated users to modify server-controlled properties such as workspaceId, createdDate, and updatedDate when updating a tool resource.\n\nDue to missing server-side validation and authorization checks, an attacker can manipulate the workspaceId field and reassign tools to arbitrary workspaces. This breaks tenant isolation in multi-workspace environments.\n\n### Details\nThe endpoint responsible for updating tools:\n\n**PUT /api/v1/tools/{toolId}**\n\naccepts a JSON request body containing tool metadata.\n\nHowever, the server does not restrict which properties may be modified by the client. As a result, user-controlled request bodies can include additional fields that should normally be controlled only by the backend.\n\nServer-controlled fields that can be manipulated include:\n\n1. workspaceId\n2. createdDate\n3. updatedDate\n\nThe request body is directly merged into the underlying database entity without proper DTO validation or authorization checks.\n\n### PoC\nAuthenticate to the Flowise interface.\n\nCapture the request used to update a tool:\n\n```http\nPUT /api/v1/tools/\u003cTOOL_ID\u003e\nContent-Type: application/json\n\nModify the request body by injecting additional fields:\n\n{\n  \"name\": \"aaa\",\n  \"description\": \"bbb\",\n  \"color\": \"linear-gradient(rgb(109,215,45), rgb(136,170,134))\",\n  \"schema\": \"[]\",\n  \"func\": \"\",\n  \"iconSrc\": \"test\",\n  \"workspaceId\": \"11111111-2222-3333-4444-555555555555\",\n  \"createdDate\": \"1995-03-06T14:17:50.000Z\",\n  \"updatedDate\": \"1995-03-06T14:17:50.000Z\"\n}\n\n```\nSend the request.\n\nObserve that the response includes the manipulated fields:\n\n```json\n{\n  \"workspaceId\": \"11111111-2222-3333-4444-555555555555\",\n  \"createdDate\": \"1995-03-06T14:17:50.000Z\"\n}\n```\n\nThis confirms that client-controlled values are accepted and persisted by the server.\n\n### Impact\nThis vulnerability allows authenticated users to manipulate internal attributes of tool resources.\n\nConfirmed impacts include:\n\n- Cross-workspace reassignment of tools (workspaceId)\n- Unauthorized modification of metadata (createdDate, updatedDate)\n\nIn multi-tenant deployments, this may allow an attacker to move tools between workspaces without authorization, breaking tenant isolation boundaries.",
  "id": "GHSA-x5v6-pj28-cwwm",
  "modified": "2026-06-09T13:09:57Z",
  "published": "2026-05-14T14:52:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x5v6-pj28-cwwm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42862"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/FlowiseAI/Flowise"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "FlowiseAI has Mass Assignment in Tool Update Endpoint that Allows Cross-Workspace Resource Reassignment"
}

GHSA-X5VH-96V7-W3PH

Vulnerability from github – Published: 2026-05-13 21:32 – Updated: 2026-05-13 21:32
VLAI
Details

Quark Drive before 0.8.5 contains a mass assignment vulnerability in the POST /update endpoint that allows authenticated attackers to overwrite administrator credentials by posting an arbitrary webui object to the config_data dictionary. Attackers can exploit insufficient deny-list filtering to permanently replace stored login credentials, lock out legitimate administrators, and gain persistent access to all configured tasks, cloud tokens, and notification services.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-45229"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-915"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-13T21:16:49Z",
    "severity": "HIGH"
  },
  "details": "Quark Drive before 0.8.5 contains a mass assignment vulnerability in the POST /update endpoint that allows authenticated attackers to overwrite administrator credentials by posting an arbitrary webui object to the config_data dictionary. Attackers can exploit insufficient deny-list filtering to permanently replace stored login credentials, lock out legitimate administrators, and gain persistent access to all configured tasks, cloud tokens, and notification services.",
  "id": "GHSA-x5vh-96v7-w3ph",
  "modified": "2026-05-13T21:32:07Z",
  "published": "2026-05-13T21:32:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45229"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Cp0204/quark-auto-save/commit/ea8377a596446291953dbe36e2d119d85bcd865b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Cp0204/quark-auto-save/releases/tag/v0.8.5"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/quark-drive-mass-assignment-via-post-update"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation
Implementation
  • If available, use features of the language or framework that allow specification of allowlists of attributes or fields that are allowed to be modified. If possible, prefer allowlists over denylists.
  • For applications written with Ruby on Rails, use the attr_accessible (allowlist) or attr_protected (denylist) macros in each class that may be used in mass assignment.
Mitigation
Architecture and Design Implementation

If available, use the signing/sealing features of the programming language to assure that deserialized data has not been tainted. For example, a hash-based message authentication code (HMAC) could be used to ensure that data has not been modified.

Mitigation
Implementation

Strategy: Input Validation

For any externally-influenced input, check the input against an allowlist of internal object attributes or fields that are allowed to be modified.

Mitigation
Implementation Architecture and Design

Strategy: Refactoring

Refactor the code so that object attributes or fields do not need to be dynamically identified, and only expose getter/setter functionality for the intended attributes.

No CAPEC attack patterns related to this CWE.