RSS   Vulnerabilities for 'Promise-probe'   RSS

2020-02-18
 
CVE-2019-10791

CWE-74
 

 
promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization.

 


Copyright 2024, cxsecurity.com

 

Back to Top