RSS   Vulnerabilities for 'Fehelper'   RSS

2019-06-26
 
CVE-2019-12966

CWE-20
 

 
FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {"a":(function(){confirm(1)})()} input.

 


Copyright 2024, cxsecurity.com

 

Back to Top