exploitDog

GHSA-jpr5-9g6v-vc48

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {"a":(function(){confirm(1)})()} input.

FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {"a":(function(){confirm(1)})()} input.

Ссылки

EPSS

Процентиль: 78%

0.01119

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-74

Связанные уязвимости

CVE-2019-12966

CVSS3: 9.8

nvd

больше 6 лет назад

FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {"a":(function(){confirm(1)})()} input.

EPSS

Процентиль: 78%

0.01119

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-74