CVE-2021-44657
CVE-2021-44657 affects StackStorm versions before 3.6.0, where the Jinja interpreter was not run in sandbox mode, enabling unsafe system command execution. The issue stems from Jinja not enabling sandboxed mode by default for backwards compatibility; StackStorm now forces sandboxed Jinja by defau...