Versions of the package nemo-appium before 0.0.9 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports.setup' function. Note: In order to exploit this vulnerability appium-running 0.1.3 has to be installed as one of nemo-appium...
9.8CVSS
9.6AI Score
0.002EPSS
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl...
6.1CVSS
6.7AI Score
0.002EPSS
6.1CVSS
5.8AI Score
0.001EPSS