Two paths to code execution in n8n: AlaSQL escape and prototype pollution
Two CVSS 9.4 vulnerabilities turn n8n workflow nodes into remote code execution vectors. An AlaSQL sandbox escape in the Merge node and prototype pollution in the GSuiteAdmin/XML nodes both allow authenticated attackers to execute arbitrary commands and read stored credentials.