High Severity

lunary

Improper Access Control in Template Version Retrieval

An Insecure Direct Object Reference (IDOR) vulnerability in lunary-ai/lunary allows unauthorized viewing of any project prompts by supplying a prompt ID. This issue affects version 1.2.2 and was patched in version 1.2.25.

Available publicly on May 20 2024

CVSS score: 7.5

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Credit: fewword

Threat Overview

The vulnerability stems from the application's failure to validate whether a user requesting a prompt's details has the necessary permissions to view that prompt. Specifically, the endpoint responsible for fetching template version details does not verify if the provided prompt ID belongs to a project associated with the current user. This oversight allows an attacker to view sensitive information from any project by simply knowing or guessing the prompt ID.

Attack Scenario

An attacker discovers or guesses the ID of a prompt belonging to another user's project. They then make a request to the vulnerable endpoint, supplying the prompt ID. The application does not check if the attacker is authorized to view the prompt, resulting in the unauthorized disclosure of sensitive information.
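The following is an added illustration of the access-control gap described in the Threat Overview and Attack Scenario above; it is example code written for this page, not lunary's own implementation. The types, the in-memory store, and the function names (`getTemplateVersionVulnerable`, `getTemplateVersionFixed`) are assumptions made for the example. It places the vulnerable lookup (keyed on the version ID alone) beside a hardened lookup that scopes the query to projects owned by the caller's organisation.

```typescript
// Example code for this advisory page, not lunary's code. All names and data are assumptions.

type Project = { id: string; orgId: string };
type TemplateVersion = { id: string; projectId: string; content: string };
type User = { id: string; orgId: string };

// Constructed sample data: two organisations, each owning one project with one prompt version.
const users: Record<string, User> = {
  alice: { id: "alice", orgId: "org-A" },
  mallory: { id: "mallory", orgId: "org-B" },
};
const projects: Project[] = [
  { id: "proj-A", orgId: "org-A" },
  { id: "proj-B", orgId: "org-B" },
];
const versions: TemplateVersion[] = [
  { id: "ver-1", projectId: "proj-A", content: "System prompt for A" },
  { id: "ver-2", projectId: "proj-B", content: "System prompt for B" },
];

// Vulnerable pattern (IDOR): the row is fetched by version ID only. The caller's
// identity is never consulted, so whoever supplies an ID gets that project's prompt.
function getTemplateVersionVulnerable(_userId: string, versionId: string): TemplateVersion | null {
  return versions.find((v) => v.id === versionId) ?? null;
}

// Hardened pattern: resolve the caller first, then restrict the lookup to versions whose
// project belongs to the caller's organisation. In SQL this is the equivalent of joining
// template_version -> project and filtering on the current org, not selecting by id alone.
function getTemplateVersionFixed(userId: string, versionId: string): TemplateVersion | null {
  const user = users[userId];
  if (!user) return null; // unauthenticated callers get nothing
  const ownedProjectIds = new Set(
    projects.filter((p) => p.orgId === user.orgId).map((p) => p.id),
  );
  const version = versions.find((v) => v.id === versionId);
  // Treat a foreign ID exactly like a missing one, so the response does not confirm
  // that a guessed ID exists in another tenant.
  if (!version || !ownedProjectIds.has(version.projectId)) return null;
  return version;
}

// Regression checks a maintainer could keep in CI for this class of bug.
function crossTenantLeakDetected(): boolean {
  // mallory (org-B) can read org-A's prompt through the vulnerable lookup
  return getTemplateVersionVulnerable("mallory", "ver-1") !== null;
}
function crossTenantAccessBlocked(): boolean {
  // the fixed lookup denies the cross-tenant read but still serves the owner
  return (
    getTemplateVersionFixed("mallory", "ver-1") === null &&
    getTemplateVersionFixed("alice", "ver-1")?.content === "System prompt for A"
  );
}
```

The essential change is that the hardened function derives the set of permitted projects from the authenticated caller and applies it as a filter on every read, rather than trusting the supplied ID; returning the same "not found" result for foreign and nonexistent IDs also removes an oracle that would otherwise reveal which IDs are valid.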

Who is affected

Any user of the lunary-ai/lunary application version 1.2.2 is vulnerable to this issue. Unauthorized users can exploit this vulnerability to view sensitive project prompts that they should not have access to.
