Описание
OS Command Injection in pixl-class
pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization.
Пакеты
Наименование
pixl-class
npm
Затронутые версииВерсия исправления
< 1.0.3
1.0.3
Связанные уязвимости
CVSS3: 9.8
nvd
почти 6 лет назад
pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization.