A critical flaw in Google's Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent ...