[OctoBot] Octobot before 0.4.4 mishandles Tentacles upload

WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.

References

• https://nvd.nist.gov/vuln/detail/CVE-2021-36711
• https://github.com/Drakkar-Software/OctoBot/issues/1966
• https://github.com/Drakkar-Software/OctoBot/blob/master/CHANGELOG.md
• https://github.com/Nwqda/Sashimi-Evil-OctoBot-Tentacle
• https://packetstormsecurity.com/files/167721/Sashimi-Evil-OctoBot-Tentacle.html
• https://www.octobot.online/
• https://github.com/Drakkar-Software/OctoBot/blob/master/CHANGELOG.md#044—2022-06-01
• https://github.com/pypa/advisory-database/tree/main/vulns/octobot/PYSEC-2022-235.yaml
• http://packetstormsecurity.com/files/167780/OctoBot-WebInterface-0.4.3-Remote-Code-Execution.html
• https://github.com/advisories/GHSA-fr75-x856-q6j8