Severity: High

Description: SAS Risk Governance Framework contains a remote code execution vulnerability on the Groovy Editor.

Potential Impact: This vulnerability, if exploited, allows an OS command injection to be executed on the web application server.