Описание
Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for the hapi server framework for Node.js allows remote attackers to execute arbitrary Javascript code via unspecified vectors.
Ссылки
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Exploit
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Exploit
- Third Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 1.5.2 (исключая)
cpe:2.3:a:bassmaster_project:bassmaster:*:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.84242
Высокий
10 Critical
CVSS2
Дефекты
CWE-94
Связанные уязвимости
EPSS
Процентиль: 99%
0.84242
Высокий
10 Critical
CVSS2
Дефекты
CWE-94