Vulnerabilities

CVE-2021-23389

by Fred · 12/07/2021

The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions.

Date published : 2021-07-12

https://github.com/totaljs/framework/blob/master/utils.js%23L6606-L6631

https://github.com/totaljs/framework/commit/887b0fa9e162ef7a2dd9cec20a5ca122726373b3

Similar

Tags: Cybersecurity Alert