CWE-915
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Privilege escalation in Budibase before 3.39.0 lets a workspace-scoped builder promote themselves or any other user to global administrator with a single POST to /api/public/v1/roles/assign. The builderOrAdmin middleware admits app-level builders (builder.apps set, builder.global unset) and the controller blindly spreads the request body into the SDK, allowing the caller to set builder.global=true or admin.global=true on arbitrary user IDs. The flaw turns a tenant-confined Enterprise feature into full tenant-wide takeover; no public exploit is identified at time of analysis, but the technique is fully described in the GitHub advisory.
Concrete CMS versions below 9.5.0 expose authenticated users to two related privilege-abuse primitives via a mass assignment flaw: password replacement without the current password, and disabling per-user IP-pinning that guards against session hijacking. The user-profile edit controller forwards the entire raw POST body to UserInfo::update() with no field whitelist, allowing any registered user to inject arbitrary model attributes - including the password field and session-security settings - into their own profile update. No public exploit code has been identified at time of analysis, but the attack is low-complexity and network-accessible for any authenticated user.
Object injection in Drupal Core across branches 8.0.0 through 11.3.x allows a network-accessible, highly privileged authenticated user to manipulate dynamically-determined object attributes, with potential full compromise of confidentiality, integrity, and availability. The CVSS vector (AV:N/AC:H/PR:H) shows the flaw is reachable over the network but carries steep prerequisites: administrator-level access and high attack complexity. No public exploit code or confirmed active exploitation has been identified at time of analysis.
Mass assignment in the TYPO3 'Frontend User Registration' extension allows unauthenticated remote attackers to assign arbitrary frontend user groups to accounts created or modified via the public registration and profile-edit flows. Because the extension neither restricts which user properties may be submitted nor enforces server-side access control on the group assignment field, an attacker registers or edits an account while injecting a privileged frontend user group identifier, immediately gaining access to content and functionality that would otherwise require elevated membership. No public exploit is identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.
Mass assignment vulnerability in Open WebUI v0.9.2 allows authenticated attackers to spoof user identities and manipulate model evaluation data by injecting a `user_id` field into feedback requests. The `POST /api/v1/evaluations/feedback` endpoint fails to properly validate and segregate server-set values from user-supplied input, enabling attackers to create feedback records attributed to arbitrary users and corrupt Elo-based model leaderboard rankings. Patch available in v0.9.5.
Mass assignment in Flowise npm package (≤ 3.1.1) allows authenticated workspace members to hijack Evaluator entities across workspace boundaries by injecting workspaceId into API requests. The vulnerability stems from unsafe Object.assign() usage in Interface.Evaluation.ts that copies client-controlled ownership fields directly to the database. GitHub advisory GHSA-wxrr-jp8m-qq7f confirms the issue, with vendor-released patch available in version 3.1.2 (PR #6050, commit dc07f40). No active exploitation or public POC identified at time of analysis, though the advisory includes detailed exploit steps. Attack requires authenticated workspace member privileges and knowledge of target workspace UUIDs, which are exposed in standard API responses.
Mass-assignment vulnerability in Flowise npm package (≤3.1.1) allows authenticated workspace members to reassign evaluation entities to arbitrary workspaces by injecting workspaceId in API requests, bypassing multi-tenant isolation. Attackers can exfiltrate evaluation data (prompts, model outputs, scoring results) across workspace boundaries via a single PUT request. Vendor-released patch (v3.1.2) available; GitHub advisory GHSA-mq53-pc65-wjc4 confirms fix via field allowlist in commit dc07f40. No public exploit code identified at time of analysis, but exploitation requires only authenticated API access with documented evaluation update permissions.
Mass assignment in Flowise npm package ≤3.1.1 allows authenticated workspace members to hijack DatasetRow records across workspace boundaries by injecting workspaceId into PUT/POST request bodies. Attackers leverage Object.assign() copying untrusted client fields directly onto TypeORM entities without field allowlisting, enabling cross-workspace data exfiltration and unauthorized modification of training/evaluation datasets. Vendor-released patch (v3.1.2) implements explicit field allowlisting per GitHub advisory GHSA-7j65-65cr-6644. No active exploitation confirmed; patch available since January 2025 release.
Mass assignment in Flowise npm package <= 3.1.1 allows authenticated workspace members to hijack datasets across workspace boundaries by injecting workspaceId in update requests. An authenticated attacker can transfer any dataset they control to an arbitrary workspace by including a crafted workspaceId field in the PUT /api/v1/datasets/<id> request body, breaking multi-tenant isolation. The vulnerability arises from unsafe Object.assign() usage in packages/server/src/services/dataset/index.ts that copies all client-supplied fields without an allowlist. Vendor-confirmed patch released in version 3.1.2 (GitHub PR #6051, commit 49a2259b). No public exploit code identified at time of analysis, but exploitation is trivial for authenticated users with workspace enumeration access.
Mass-assignment vulnerability in Flowise npm package (versions ≤ 3.1.1) allows authenticated workspace members to hijack CustomTemplate entities across workspace boundaries by injecting `workspaceId` in API request bodies. The vulnerability stems from unsafe use of `Object.assign(entity, body)` in `packages/server/src/services/marketplaces/index.ts` without field allowlisting, enabling attackers to overwrite ownership metadata and move templates between isolated workspaces. Vendor-released patch (version 3.1.2) available via PR #6129. No public exploit identified at time of analysis, but proof-of-concept demonstrated via source code inspection and GitHub advisory GHSA-728h-4mwj-f2p4.