Arbitrary Command Injection
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Arbitrary Command Injection via the nodevm execution environment when integrated modules such as Puppeteer or Playwright are used with attacker-controlled browser binary paths and parameters. An authenticat...