CVE-2024-7297

Langflow versions prior to 1.0.13 suffer from a Privilege Escalation vulnerability, allowing a remote and low privileged attacker to gain super admin privileges by performing a mass assignment request on the '/api/v1/users' endpoint.

Langflow versions prior to 1.0.13 suffer from a Privilege Escalation vulnerability, allowing a remote and low privileged attacker to gain super admin privileges by performing a mass assignment request on the '/api/v1/users' endpoint.

Las versiones de Langflow anteriores a la 1.0.13 sufren de una vulnerabilidad de escalada de privilegios, lo que permite a un atacante remoto y con pocos privilegios obtener privilegios de superadministrador al realizar una solicitud de asignación masiva en el endpoint '/api/v1/users'.