CVE-2024-12652

A Improper Control of Generation of Code 'Code Injection' vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code...

PT-2024-17692 · Smartrobot · Smartrobot'S Conversational Ai Platform

Name of the Vulnerable Software and Affected Versions: SmartRobot's Conversational AI Platform versions prior to 7.2.0 Description: A Code Injection vulnerability exists in the groovy script function of SmartRobot's Conversational AI Platform, allowing remote authenticated users to perform...