Vulnerability Summary: SuperAGI Path Traversal Vulnerability (CVE-2024-xxxx) Overview The function in SuperAGI contains a path traversal vulnerability. When handling file uploads, the function only sanitizes the field from form data and does not sanitize the attribute. Attackers can exploit this flaw to bypass checks and write files to arbitrary locations on the server. Impact Scope Affected Component: Affected Versions: SuperAGI up to c3c1982 Severity: Critical (CVSS Critical) Attack Type: Arbitrary File Write, Remote Code Execution Remediation Fixed Version: SuperAGI up to 0.0.14 Fix Details: Resolved the vulnerability. POC / Exploit Code