
FlowiseAI Password Reset Token Vulnerability Enables Account Takeover

A critical vulnerability in FlowiseAI has been discovered that allows attackers to take over user accounts with minimal effort.

The flaw, tracked as CVE-2025-58434, affects both cloud-hosted and self-hosted FlowiseAI deployments, posing significant risks to organizations using this AI workflow automation platform.

CVE Number: CVE-2025-58434
Affected Product: FlowiseAI (npm package flowise)
Vulnerability Type: Unauthenticated Password Reset Token Disclosure
CVSS 3.1 Score: 9.8 (Critical)

Critical Security Flaw in Password Reset Mechanism

The vulnerability lies within FlowiseAI’s password reset functionality, specifically the /api/v1/account/forgot-password endpoint, according to a report by a security researcher.

Instead of following secure practices by only sending reset tokens via email, the system directly returns sensitive user information in the API response, including valid password reset tokens.

When an attacker requests a password reset for any email address, the system responds with comprehensive user details, including the user ID, name, email, hashed credentials, and, most critically, a valid tempToken that can be used immediately to reset the target account’s password.

This design flaw completely bypasses the intended security mechanism of email-based verification.

The vulnerability affects FlowiseAI versions below 3.0.5, with no patches currently available. The issue impacts both the cloud service at cloud.flowiseai.com and self-hosted deployments that expose the vulnerable API endpoints.

Exploiting this vulnerability requires only the victim’s email address, which attackers can often guess or discover through reconnaissance.

The attack process involves just two HTTP requests. First, attackers send a POST request to the forgot-password endpoint with the target’s email address. The system responds with a valid reset token instead of simply confirming the request.

Second, attackers use this exposed token in the reset-password endpoint to set a new password for the victim’s account.

No email verification or user interaction is required, making this a completely silent attack that victims may not notice until they attempt to log in.

The vulnerability has been assigned a CVSS score of 9.8, indicating critical severity. The high score reflects the ease of exploitation, as it requires no authentication, no user interaction, and has low attack complexity, while providing complete access to user accounts.

This flaw enables attackers to compromise any account, including administrative or high-privilege accounts, potentially leading to data breaches, unauthorized access to sensitive AI workflows, and complete organizational compromise.

The vulnerability’s impact extends beyond individual accounts, as compromised admin accounts could provide access to entire organizational deployments and associated data.

Organizations using FlowiseAI should immediately implement monitoring for suspicious password reset activities and consider temporarily restricting access to the platform until patches become available.
