Cross-tenant IDOR and privilege escalation in PraisonAI Platform (pip package praisonai-platform <= 0.1.2) allow any registered user to read, modify, or delete agents, issues, projects, labels, comments, and dependencies across every workspace, and to promote themselves to admin/owner of any workspace they are invited to. The FastAPI `require_workspace_member` dependency validates membership against the URL prefix workspace but never checks that nested resource IDs belong to that workspace, while privileged member-management routes inherit the default `min_role="member"` instead of requiring admin/owner. Publicly available exploit code exists in the form of a reporter-supplied PoC, open registration on the default `0.0.0.0:8000` bind makes exploitation trivial, and CVSS, EPSS, and CISA KEV signals are not provided in the supplied data.
Privilege Escalation
Python
NVD
GitHub
EPSS
0.0%
Prev
Page 2 of 2