Name of the Vulnerable Software and Affected Versions: Flowise (affected versions not specified)

Description: The issue allows developers to inject configuration into the Chainflow during execution through the overrideConfig option, which is supported in both the frontend web integration and the backend Prediction API. This feature has several security issues, including remote code execution, sandbox escape, denial of service by crashing the server, server-side request forgery, prompt injection, and data exfiltration. These issues can be exploited to gain full control over LLM prompts, alter the flow of a conversation, and exfiltrate server variables and data. The issues are self-targeted and do not persist to other users but leave the server and business exposed.

Recommendations: