Severity: MEDIUM

GHSA-96fh-m4r8-6v9v

NocoDB: Cross-Workspace Integration Use in Connection Test

Details

### Summary

An authenticated user in one workspace could run the `testConnection` endpoint against another workspace's integration simply by supplying that integration's ID. Two defects combined: the integration was fetched in a bypass scope, so a foreign ID resolved at all, and the caller's permission check accepted an owner/creator role on any base in any workspace, so it never tied the caller to the integration's tenant.

### Details

The connection-test endpoint fetched the integration in `RootScopes.BYPASS` scope and checked only that the integration was non-private and that the caller held an owner/creator role on any base in any workspace. The permission lookup is now scoped to the integration's workspace by joining on `fk_workspace_id`, and the controller rejects requests where the integration's workspace differs from the request's workspace.
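The pre-fix check beside the post-fix check, as an added example written for this page. It is not NocoDB's code: the in-memory tables, the column names `fk_base_id`, `roles` and `is_private`, and the sample tenancy data are all assumptions constructed to mirror the advisory's description.

```typescript
// Added illustration, not NocoDB's code: a minimal in-memory model of the
// authorization check the advisory describes, vulnerable form beside fixed
// form. Entity and column names (fk_workspace_id, fk_base_id, roles,
// is_private) are assumptions chosen to read like the advisory.

type Role = 'owner' | 'creator' | 'editor' | 'viewer';

interface Integration { id: string; fk_workspace_id: string; is_private: boolean }
interface Base { id: string; fk_workspace_id: string }
interface BaseUser { fk_user_id: string; fk_base_id: string; roles: Role }

// Roles the endpoint treated as sufficient.
const ELEVATED = new Set<Role>(['owner', 'creator']);

// Constructed sample tenancy: two workspaces, one base each, three users.
const integrations: Integration[] = [
  { id: 'int-A', fk_workspace_id: 'ws-A', is_private: false },
  { id: 'int-B', fk_workspace_id: 'ws-B', is_private: false },
  { id: 'int-B-priv', fk_workspace_id: 'ws-B', is_private: true },
];
const bases: Base[] = [
  { id: 'base-A', fk_workspace_id: 'ws-A' },
  { id: 'base-B', fk_workspace_id: 'ws-B' },
];
const baseUsers: BaseUser[] = [
  { fk_user_id: 'alice', fk_base_id: 'base-A', roles: 'owner' },
  { fk_user_id: 'bob', fk_base_id: 'base-B', roles: 'creator' },
  { fk_user_id: 'carol', fk_base_id: 'base-B', roles: 'viewer' },
];

// Bypass-scope fetch: looks the integration up by ID with no tenant filter,
// which is what lets an ID from another workspace resolve at all.
function getIntegrationBypass(id: string): Integration | undefined {
  return integrations.find((i) => i.id === id);
}

// Vulnerable check (pre-fix logic as the advisory describes it): non-private
// integration plus owner/creator on ANY base in ANY workspace. The
// integration's workspace is never compared with anything.
function canTestConnectionVulnerable(userId: string, integrationId: string): boolean {
  const integration = getIntegrationBypass(integrationId);
  if (!integration || integration.is_private) return false;
  return baseUsers.some((bu) => bu.fk_user_id === userId && ELEVATED.has(bu.roles));
}

// Fixed check: the controller-level guard rejects an integration whose
// workspace is not the request's workspace, and the role lookup is joined
// through the base's fk_workspace_id so only bases in that workspace count.
function canTestConnectionFixed(
  userId: string,
  requestWorkspaceId: string,
  integrationId: string,
): boolean {
  const integration = getIntegrationBypass(integrationId);
  if (!integration || integration.is_private) return false;
  if (integration.fk_workspace_id !== requestWorkspaceId) return false;
  const basesInWorkspace = new Set(
    bases
      .filter((b) => b.fk_workspace_id === integration.fk_workspace_id)
      .map((b) => b.id),
  );
  return baseUsers.some(
    (bu) =>
      bu.fk_user_id === userId &&
      ELEVATED.has(bu.roles) &&
      basesInWorkspace.has(bu.fk_base_id),
  );
}
```

With this data, `canTestConnectionVulnerable('bob', 'int-A')` returns `true` even though bob's only role is in ws-B, which is the cross-workspace case the advisory reports. `canTestConnectionFixed('bob', 'ws-B', 'int-A')` fails on the workspace comparison, and `canTestConnectionFixed('bob', 'ws-A', 'int-A')` fails on the joined role lookup, so a caller who lies about the request workspace gains nothing; only `alice`, who holds an elevated role on a base inside ws-A, passes for `int-A`.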

### Impact

Cross-tenant access to integration configuration through the connection-test endpoint, including the ability to drive the resolved database with the other workspace's credentials. Authentication with a creator-or-owner role on any base in any workspace was sufficient.

### Credit

This issue was reported by [@DongyangLyu](https://github.com/DongyangLyu).


Affected packages

npm / nocodb
First affected version: 0 (every release before the fix)
Fixed version: 2026.05.1
Fix: npm install nocodb@2026.05.1
