Flowise: Improper Mass Assignment in Account Registration Enables Unauthorized Organization Association — flowise
Improper Input ValidationSummary
An improper mass assignment (JSON injection) vulnerability in the account registration endpoint of Flowise Cloud allows unauthenticated attackers to inject server-managed fields and nested objects during account creation. This enables client-controlled manipulation of ownership metadata, timestamps, organization association, and role mappings, breaking trust boundaries in a multi-tenant environment.
Details
The POST /api/v1/account/register endpoint is intended to accept a minimal payload to create a new user account (e.g., name, email, password). However, the backend fails to enforce a strict allowlist or DTO-based validation and instead blindly maps client-supplied JSON to internal domain models.
As a result, attackers can include additional nested objects and server-managed fields in the request body such as organization, organizationUser, workspace, workspaceUser, and metadata fields like createdBy, updatedBy, createdDate, and updatedDate. These fields are persisted as provided by the client rather than being generated or validated server-side.
This behavior demonstrates a trust boundary violation where authorization and ownership decisions that must be enforced by the server are effectively delegated to untrusted client input. In a multi-tenant SaaS context, this can lead to unauthorized organization association and role assignment during registration.
PoC
Send a standard registration request:
POST /api/v1/account/register HTTP/2
Host: cloud.flowiseai.com
Content-Type: application/json
{
"user": {
"name": "Test User",
"email": "[email protected]",
"credential": "StrongPassword123!"
}
}
Observe the 201 Created response returning a newly created user and related objects (organization, workspace, roles).
Send a modified registration request that injects additional server-managed fields and nested objects:
POST /api/v1/account/register HTTP/2 Host: cloud.flowiseai.com Content-Type: application/json
{
"user": {
"name": "Injected User",
"email": "[email protected]",
"credential": "StrongPassword123!",
"createdBy": "<arbitrary-uuid>",
"updatedBy": "<arbitrary-uuid>",
"createdDate": "1999-12-27T13:10:47.666Z",
"updatedDate": "1999-12-27T13:10:47.666Z"
},
"organization": {
"id": "<existing-organization-uuid>",
"name": "Injected Organization"
},
"organizationUser": {
"organizationId": "<existing-organization-uuid>",
"roleId": "<owner-role-uuid>"
}
}
Observe that the server responds with 201 Created and persists the injected fields, reflecting client-controlled values for ownership metadata, timestamps, and organization association.
Impact
- Vulnerability Class: Mass Assignment / JSON Injection / Improper Input Validation.
- Who is impacted: All deployments of Flowise Cloud exposing the registration endpoint.
By supplying a known organizationId during registration, an unauthenticated attacker can create a new user account directly associated with an existing organization they do not belong to. This results in unauthorized cross-tenant access and privilege escalation at account creation time, completely bypassing organizational ownership and trust boundaries.
Security Consequences:
- Client-controlled manipulation of server-managed fields (audit timestamps, ownership metadata).
- Unauthorized association of newly created accounts with existing organizations.
- Injection of role and membership relationships during registration.
- Violation of trust boundaries in a multi-tenant environment, increasing the risk of privilege abuse and audit integrity failures.
| Software | From | Fixed in |
|---|---|---|
flowise
|
- | 3.1.0 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime
Frequently Asked Questions
A security vulnerability is a weakness in software, hardware, or configuration that can be exploited to compromise confidentiality, integrity, or availability. Many vulnerabilities are tracked as CVEs (Common Vulnerabilities and Exposures), which provide a standardized identifier so teams can coordinate patching, mitigation, and risk assessment across tools and vendors.
CVSS (Common Vulnerability Scoring System) estimates technical severity, but it doesn't automatically equal business risk. Prioritize using context like internet exposure, affected asset criticality, known exploitation (proof-of-concept or in-the-wild), and whether compensating controls exist. A "Medium" CVSS on an exposed, production system can be more urgent than a "Critical" on an isolated, non-production host.
A vulnerability is the underlying weakness. An exploit is the method or code used to take advantage of it. A zero-day is a vulnerability that is unknown to the vendor or has no publicly available fix when attackers begin using it. In practice, risk increases sharply when exploitation becomes reliable or widespread.
Recurring findings usually come from incomplete Asset Discovery, inconsistent patch management, inherited images, and configuration drift. In modern environments, you also need to watch the software supply chain: dependencies, containers, build pipelines, and third-party services can reintroduce the same weakness even after you patch a single host. Unknown or unmanaged assets (often called Shadow IT) are a common reason the same issues resurface.
Use a simple, repeatable triage model: focus first on externally exposed assets, high-value systems (identity, VPN, email, production), vulnerabilities with known exploits, and issues that enable remote code execution or privilege escalation. Then enforce patch SLAs and track progress using consistent metrics so remediation is steady, not reactive.
SynScan combines attack surface monitoring and continuous security auditing to keep your inventory current, flag high-impact vulnerabilities early, and help you turn raw findings into a practical remediation plan.