Unknown · SUSI.AI Server · CVE-2020-4039
Name of the Vulnerable Software and Affected Versions:
SUSI.AI Server versions prior to d27ed0f
Description:
The issue is caused by insufficient input validation, which leads to a directory traversal vulnerability. An attacker can retrieve any admin configuration and any file readable by the application. Additionally, some files can be moved or deleted.
Recommendations:
For versions prior to d27ed0f, update to version d27ed0f or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.