
Add vpatch-CVE-2025-3248 rule and test #34

Open
wants to merge 4 commits into
base: master

crowdsec-automation

This rule targets the Langflow RCE vulnerability (CVE-2025-3248) by focusing on the specific endpoint /api/v1/validate/code and the presence of the dangerous @exec( pattern in the code field of the JSON body.

  • The first rule block matches requests to the exact endpoint, using equals for precision and applying lowercase normalization.
  • The second rule block inspects the json.code argument in the request body, applying both lowercase and urldecode transforms to ensure case-insensitive and encoded input is detected. It looks for the substring @exec(, which is the vector for code execution in the exploit.
  • The labels section includes the correct CVE, ATT&CK, and CWE references, and the product/vuln class label is formatted as required.

Special handling:

  • The rule uses BODY_ARGS with the json.code variable because the exploit is in a JSON POST body.
  • The detection is kept generic enough to catch variations of the exploit, but specific enough to avoid false positives by requiring both the endpoint and the code pattern.
  • All value: fields are lowercase, and all relevant transforms are applied.
  • The test config and nuclei test template are adapted to only check for a 403 response, as required.

Exploit URL: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-3248.yaml
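
The two-condition match described above, modelled in Python as an added example. This is not the rule file from this pull request and not CrowdSec's engine: the function names are hypothetical, the sample requests are constructed, and it assumes the URI condition is evaluated against the request path only.

```python
import json
from urllib.parse import unquote

ENDPOINT = "/api/v1/validate/code"  # endpoint named in the PR description
PATTERN = "@exec("                  # substring named in the PR description


def apply_transforms(value, transforms):
    """Apply the named transforms in order (hypothetical helper)."""
    for name in transforms:
        if name == "lowercase":
            value = value.lower()
        elif name == "urldecode":
            value = unquote(value)
        else:
            raise ValueError(f"unknown transform: {name}")
    return value


def uri_matches(path):
    # First rule block: exact match on the endpoint after lowercasing.
    return apply_transforms(path, ["lowercase"]) == ENDPOINT


def body_matches(raw_body):
    # Second rule block: inspect only the "code" field of a JSON body.
    try:
        doc = json.loads(raw_body)
    except ValueError:
        return False
    code = doc.get("code") if isinstance(doc, dict) else None
    if not isinstance(code, str):
        return False
    return PATTERN in apply_transforms(code, ["lowercase", "urldecode"])


def would_block(path, raw_body):
    # Both conditions must hold; the PR's test expects a 403 in that case.
    return uri_matches(path) and body_matches(raw_body)


# Constructed sample requests: (path, JSON body).
SAMPLES = [
    ("/api/v1/validate/code", '{"code": "@exec(placeholder)"}'),
    ("/API/v1/Validate/Code", '{"code": "@EXEC%28placeholder%29"}'),
    ("/api/v1/validate/code", '{"code": "def f():\\n    return 1"}'),
    ("/api/v1/other", '{"code": "@exec(placeholder)"}'),
    ("/api/v1/validate/code", "not json"),
]

if __name__ == "__main__":
    for path, body in SAMPLES:
        print("block" if would_block(path, body) else "pass ", path, body)
```

The third and fourth samples show why both conditions are required: ordinary code sent to the endpoint passes, and the pattern sent to a different path passes.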
