The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Incorrect Authorization vulnerabilities in an interactive lesson.
Start learningUpgrade n8n to version 2.28.0 or higher.
n8n is a n8n Workflow Automation Tool
Affected versions of this package are vulnerable to Incorrect Authorization in workflow creation folder assignment, which does not verify that the requested target folder belongs to a project the requester is allowed to access. A user with workflow creation permission in one project can associate a newly created workflow with a folder belonging to a different project they cannot access by submitting a crafted creation request. Exploitation requires multi-project and folder support to be enabled, and the impact is confined to a logical integrity violation of the target project's folder structure at the database level, since the workflow stays in the requester's project, remains invisible to the target project, and exposes no target project data.