Vulnerabilities

CVE-2021-23390

by Fred · 12/07/2021

The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions.

Date published : 2021-07-12

https://github.com/totaljs/framework4/blob/master/utils.js%23L5430-L5455

https://github.com/totaljs/framework4/commit/8a72d8c20f38bbcac031a76a51238aa528f68821

Similar

Tags: Cybersecurity Alert