High Severity

anything-llm

Manager Role Exploitation for Administrator Account Creation

A vulnerability in mintplex-labs/anything-llm allows users with manager roles to create new Administrator accounts due to improper input validation in the workspace update process. This issue affects the latest version of the software and was patched in version 0.0.0.

Available publicly on May 20 2024

CVSS score: 8.1

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Credit: noizybit

Threat Overview

The core of the vulnerability lies in the lack of input validation and formatting when updating workspace settings via an HTTP POST request to /api/workspace/:workspace-slug/update. By exploiting Prisma's nested write capabilities, attackers can manipulate the request data to execute unintended database queries, allowing the creation of new Administrator accounts. This flaw exposes the application to unauthorized actions and potential admin account takeover.

Attack Scenario

An attacker with manager-level access to the application can exploit this vulnerability by crafting a malicious HTTP POST request containing nested JSON data designed to create a new Administrator account. This is achieved by sending a modified request to the workspace update endpoint, which includes additional parameters for creating a new user with admin privileges. The attacker can then log in with the newly created admin account to perform unauthorized actions.
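The two sections above describe the same root cause from the defender's and the attacker's side: an update endpoint that hands the request body straight to an ORM update, so nested relation objects in the JSON become nested writes. The following is an added illustration, not code from anything-llm, of that pattern beside a hardened handler that only accepts an explicit allowlist of scalar fields and fails closed on anything else. The fake client, the field names (`name`, `openAiTemp`, `openAiPrompt`) and the sample body are all constructed for this example and are not the project's schema.

```javascript
// Added example (not anything-llm's code): an update handler that forwards the
// request body into an ORM update, next to one that allowlists scalar fields.
// Field names, the fake client and the sample body are constructed.

// Minimal stand-in for a Prisma-style client: it records the `data` object it
// was handed so we can see exactly what would reach the database layer.
function makeFakeClient() {
  const calls = [];
  return {
    calls,
    workspace: {
      update({ where, data }) {
        calls.push({ where, data });
        return { ...where, ...data };
      },
    },
  };
}

// The pattern the advisory describes: whatever JSON arrives is the update
// payload, so nested objects pass through and the ORM treats them as nested
// writes on related tables.
function updateWorkspaceUnsafe(client, slug, body) {
  return client.workspace.update({ where: { slug }, data: body });
}

// Hardened form: an allowlist of scalar columns a manager may change, with a
// type check per field. Anything else, nested objects included, is rejected.
// (Hypothetical columns; the real schema is not assumed here.)
const WORKSPACE_EDITABLE = {
  name: 'string',
  openAiTemp: 'number',
  openAiPrompt: 'string',
};

function pickWorkspaceUpdate(body) {
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    throw new TypeError('update body must be a JSON object');
  }
  const data = {};
  const rejected = [];
  for (const [key, value] of Object.entries(body)) {
    const expected = WORKSPACE_EDITABLE[key];
    if (expected === undefined || typeof value !== expected) {
      rejected.push(key);
      continue;
    }
    data[key] = value;
  }
  return { data, rejected };
}

function updateWorkspaceSafe(client, slug, body) {
  const { data, rejected } = pickWorkspaceUpdate(body);
  if (rejected.length > 0) {
    // Fail closed rather than silently dropping keys: an unexpected field on a
    // privileged endpoint is worth logging and alerting on.
    throw new Error(`rejected update fields: ${rejected.join(', ')}`);
  }
  if (Object.keys(data).length === 0) {
    throw new Error('no updatable fields supplied');
  }
  return client.workspace.update({ where: { slug }, data });
}

// Constructed request body: legitimate scalar fields plus an unexpected nested
// object of the general shape an ORM would interpret as a nested write.
const SAMPLE_BODY = {
  name: 'renamed-workspace',
  openAiTemp: 0.7,
  someRelation: { create: { note: 'unexpected nested write' } }, // hypothetical key
};

// Runs both handlers against the same body and reports what each did.
function demo() {
  const unsafeClient = makeFakeClient();
  updateWorkspaceUnsafe(unsafeClient, 'demo', SAMPLE_BODY);

  const safeClient = makeFakeClient();
  let safeError = null;
  try {
    updateWorkspaceSafe(safeClient, 'demo', SAMPLE_BODY);
  } catch (e) {
    safeError = e.message;
  }
  return {
    unsafeReceivedNested: 'someRelation' in unsafeClient.calls[0].data,
    safeCalls: safeClient.calls.length,
    safeError,
  };
}

console.log(demo());
```

The unsafe handler forwards the nested object untouched, so the fake client records it; the hardened handler never reaches the client and raises an error naming the rejected key. In a real deployment that rejection is also the detection signal: a manager-role session submitting keys outside the allowlist to this endpoint is exactly the traffic worth alerting on.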

Who is affected

This vulnerability primarily affects applications running the affected version of mintplex-labs/anything-llm. Specifically, it impacts organizations and users who rely on the role-based access control mechanisms of the software to segregate duties and limit access to sensitive functionalities. Both the integrity of the application and the security of its data are at risk.

Technical Report