Описание
window-control vulnerable to Command Injection due to improper input sanitization
window-control is an npm package that provides tools to manage window focus. Versions before 1.4.5 are vulnerable to Command Injection via the sendKeys function due to improper input sanitization.
Пакеты
Наименование
window-control
npm
Затронутые версииВерсия исправления
< 1.4.5
1.4.5
Связанные уязвимости
CVSS3: 7.4
nvd
около 3 лет назад
Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization.