Remote Code Execution via Flow Studio Node Definitions
Description LOLLMS Flow Studio contains multiple code execution vulnerabilities via unsafe use of Python's exec function. Two distinct code paths allow arbitrary Python code execution on the server: 1. Direct Code Execution via/api/flows/testcode Admin endpoint File: backend/routers/flowstudio.py...