Command Injection Vulnerability in curling.js

Command Injection Vulnerability in curling.js

CVE-2019-10789 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

All versions of curling.js are vulnerable to Command Injection via the run function. The command argument can be controlled by users without any sanitization.

Learn more about our User Device Pen Test.