Summary
n8n: Wrong OAuth Scope On Evaluations Test Run Creation Endpoint
References
Related vulnerabilities
- MEDIUM GHSA-4R4W-2WGP-W7CJ
  Open WebUI Prompt history IDOR: unbound history_id allows cross-prompt read and deletion
- HIGH GHSA-VJQM-6GCC-62CR
  Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion
- HIGH GHSA-VRHC-3FR6-PC3C
  Open WebUI: Forged chat-file link allows cross-user file read and deletion
- MEDIUM GHSA-3G6V-2R68-PRFC
  Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services
- HIGH GHSA-9R5X-WG6M-X2RC
  Gitea: OAuth2 access token scope enforcement bypass via HTTP Basic authentication
- HIGH GHSA-2J5H-858J-5MPF
  n8n: Cross-Tenant Credential Takeover via Dynamic Credentials EE Endpoints