Описание
Unauthenticated Remote Command Injection in ep_imageconvert
ep_imageconvert is a plugin for Etherpad Lite. ep_imageconvert <= 0.0.2 is vulnerable to remote command injection.
Authentication is not required for remote exploitation.
Recommendation
Update to version 0.0.3 or greater.
Пакеты
Наименование
ep_imageconvert
npm
Затронутые версииВерсия исправления
<= 0.0.2
0.0.3
