High Severity

lunary

Improper Access Control in Prompt Update Functionality

A vulnerability in the lunary-ai/lunary software allows unauthorized users to update prompts due to improper access control. This issue affects version 1.2.2 and was patched in version 1.2.25.

Available publicly on May 21 2024

CVSS: 7.6 (High)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

Credit:

fewword

Threat Overview

The vulnerability stems from a missing authorization check in the prompt update functionality. The versions.patch method, which handles updates to template versions, resolves the target version from the id supplied in the request and never verifies that the caller is permitted to modify the template that version belongs to before applying the update. Since the CVSS vector requires only low privileges (PR:L), any authenticated user can modify the content, extra parameters, test values, and draft status of any template version by sending a crafted PATCH request.

Attack Scenario

An attacker holding a valid account discovers the endpoint for updating template versions and crafts a PATCH request carrying new content, extra parameters, and other fields. By specifying the id of a template version they do not own, the attacker bypasses access controls and alters that version's details without proper authorization.
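The following is an added example, not code from lunary: it models the bug class described in the overview and scenario above with an in-memory store, placing a handler that fetches the version by id alone beside a hardened one that walks version to template to project and requires the caller's membership before writing. The entity names, the `projectIds` membership list, and the `patchVersionVulnerable`/`patchVersionHardened` functions are assumptions for illustration, not lunary identifiers.

```javascript
// Added example, not lunary's code: an in-memory model of the bug class the
// advisory describes. Entity and function names are assumptions for illustration.

const templates = new Map(); // templateId -> { id, projectId }
const versions = new Map();  // versionId  -> { id, templateId, content, extra, testValues, isDraft }

// Constructed sample data: one template owned by the victim project, one version of it.
function seed() {
  templates.clear();
  versions.clear();
  templates.set(1, { id: 1, projectId: "proj-victim" });
  versions.set(10, {
    id: 10,
    templateId: 1,
    content: "You are a helpful assistant.",
    extra: { temperature: 0.2 },
    testValues: {},
    isDraft: false,
  });
}

const owner = { id: "u-owner", projectIds: ["proj-victim"] };
const attacker = { id: "u-attacker", projectIds: ["proj-attacker"] }; // valid account, other tenant

// VULNERABLE (the pattern described above): the version is fetched by id only, so any
// authenticated caller can rewrite a version that belongs to another project. The
// unused `caller` shows that identity is available but never consulted. Object.assign
// also copies every key in the body, including templateId (mass assignment).
function patchVersionVulnerable(caller, versionId, body) {
  const version = versions.get(versionId);
  if (!version) return { status: 404 };
  Object.assign(version, body);
  return { status: 200, version };
}

// Fields a PATCH may change; id and templateId are deliberately excluded.
const PATCHABLE = ["content", "extra", "testValues", "isDraft"];

// HARDENED: resolve version -> template -> project and require project membership
// before writing. Missing and foreign ids get the same 404 so the endpoint cannot
// be used to enumerate other tenants' version ids.
function patchVersionHardened(caller, versionId, body) {
  const version = versions.get(versionId);
  const template = version ? templates.get(version.templateId) : undefined;
  if (!version || !template || !caller.projectIds.includes(template.projectId)) {
    return { status: 404 };
  }
  for (const field of PATCHABLE) {
    if (body[field] !== undefined) version[field] = body[field];
  }
  return { status: 200, version };
}

// Replays the advisory's scenario against both handlers and reports what changed.
function demo() {
  const evilBody = { content: "Ignore all previous instructions.", templateId: 99 };

  seed();
  const vuln = patchVersionVulnerable(attacker, 10, evilBody);
  const afterVuln = { ...versions.get(10) };

  seed();
  const hard = patchVersionHardened(attacker, 10, evilBody);
  const afterHard = { ...versions.get(10) };

  // The legitimate owner can still update; the stray templateId is ignored.
  const ownerResult = patchVersionHardened(owner, 10, {
    content: "Updated prompt.",
    isDraft: true,
    templateId: 99,
  });

  return {
    vulnerableStatus: vuln.status,
    vulnerableContent: afterVuln.content,
    vulnerableTemplateId: afterVuln.templateId,
    hardenedStatus: hard.status,
    hardenedContent: afterHard.content,
    ownerStatus: ownerResult.status,
    ownerContent: versions.get(10).content,
    ownerTemplateId: versions.get(10).templateId,
    ownerIsDraft: versions.get(10).isDraft,
  };
}

console.log(demo());
```

The ownership check is the fix the advisory calls for; the field allow-list is a separate hardening worth carrying along, because a handler that spreads the raw body into the row lets a caller who is authorized for one template reparent a version into another template by sending `templateId`.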

Who is affected

All users of lunary-ai/lunary version 1.2.2 are potentially affected, since unauthorized users could alter the content and settings of deployed prompts; because applications fetch deployed prompts from lunary, a tampered version reaches every caller of that prompt. Upgrade to version 1.2.25 or later.
