The vulnerability arises from improper access control mechanisms in the template version management endpoints. Specifically, the PATCH and GET requests for template versions do not adequately verify the user's permissions for the specified project ID, allowing an attacker to view or modify template versions by manipulating the 'id' parameter in the request URL. This could lead to unauthorized access to sensitive project data or unauthorized modifications to project templates.

An attacker discovers the project ID of a target project and crafts a malicious PATCH or GET request with the project ID and a template version ID they wish to target. By sending this request to the server, the attacker can view or modify the content, extra parameters, test values, and draft status of the template version without proper authorization.

All users of lunary-ai/lunary version 1.2.2 are potentially affected by this vulnerability, as it allows unauthorized individuals to access and modify any project's template versions.