RSS   Vulnerabilities for 'Node-rules'   RSS

2020-04-27
 
CVE-2020-7609

CWE-74
 

 
node-rules including 3.0.0 and prior to 5.0.0 allows injection of arbitrary commands. The argument rules of function "fromJSON()" can be controlled by users without any sanitization.

 


Copyright 2024, cxsecurity.com

 

Back to Top