You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Affected versions allow an attacker to execute remote commands. The issue occurs because tagName user input is formatted inside the exec function in #L64 is executed without any checks.
✍️ Description
Affected versions allow an attacker to execute remote commands. The issue occurs because
tagName
user input is formatted inside theexec
function in #L64 is executed without any checks.🕵️♂️ Proof of Concept
💥 Impact
This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input.
The text was updated successfully, but these errors were encountered: