GHSA-m837-xvxr-vqwg: Hardcoded CORS Wildcard Enables Cross-Origin Credential Abuse in Flowise
Vulnerability ID: GHSA-M837-XVXR-VQWG
CVSS Score: 6.9
Published: 2026-05-20
Flowise versions prior to 3.1.2 contain a hardcoded CORS wildcard on the Text-to-Speech (TTS) endpoint. This configuration bypasses the application's global security policies and enables cross-origin credential abuse, leading to unauthorized resource consumption and potential financial impact via third-party API quota exhaustion.
TL;DR
A hardcoded Access-Control-Allow-Origin: * header in Flowise's TTS endpoint allows malicious websites to perform unauthorized cross-origin requests. Combined with credential abuse flaws, this allows attackers to consume configured external TTS API quotas.
⚠️ Exploit Status: POC
Technical Details
- Vulnerability ID: GHSA-m837-xvxr-vqwg
- CVSS Score: 6.9 (v4.0)
- Attack Vector: Network
- CWE ID: CWE-942
- Impact: Cross-Origin Credential Abuse & Quota Exhaustion
- Affected Component: TTS Generation Endpoint
Affected Systems
- Flowise (npm package)
- Flowise Docker Image
-
flowise: < 3.1.2 (Fixed in:
3.1.2)
Mitigation Strategies
- Upgrade the Flowise npm package to version 3.1.2 or higher.
- Deploy the latest Docker image tagged 3.1.2.
- Implement reverse proxy rules to strip wildcard CORS headers from the TTS endpoint.
Remediation Steps:
- Identify all running instances of Flowise within the environment.
- Stop the currently running Flowise service.
- Update the package via npm (
npm install flowise@latest) or pull the latest Docker image (docker pull flowiseai/flowise:3.1.2). - Restart the Flowise service.
- Verify the remediation by inspecting the HTTP headers of the
/api/v1/text-to-speechendpoint and confirming the absence ofAccess-Control-Allow-Origin: *.
References
Read the full report for GHSA-M837-XVXR-VQWG on our website for more details including interactive diagrams and full exploit analysis.
Top comments (0)