Lucene search
PRIOn knowledge basePRION:CVE-2020-7697HistoryJul 29, 2020 - 1:15 p.m.
Design/Logic Flaw
2020-07-2913:15:00
PRIOn knowledge base
www.prio-n.com
4
This affects all versions of package mock2easy. a malicious user could inject commands through the _data variable: Affected Area require(‘…/server/getJsonByCurl’)(mock2easy, function (error, stdout) { if (error) { return res.json(500, error); } res.json(JSON.parse(stdout)); }, ‘’, _data.interfaceUrl, query, _data.cookie,_data.interfaceType);
Related
osv
osv
Code injection in mock2easy
2021-05-06 18:25:58
cvelist
cvelist
CVE-2020-7697 Command Injection
2020-07-29 00:00:00
cve
cve
CVE-2020-7697
2020-07-29 13:15:10
veracode
veracode
Remote Code Execution (RCE)
2017-05-02 08:48:02
nvd
nvd
CVE-2020-7697
2020-07-29 13:15:10
github
github
Code injection in mock2easy
2021-05-06 18:25:58