2 matches found
Cloudinary Node SDK is vulnerable to Arbitrary Argument Injection through parameters that include an ampersand
Versions of the package cloudinary before 2.7.0 are vulnerable to Arbitrary Argument Injection due to improper parsing of parameter values containing an ampersand. An attacker can inject additional, unintended parameters. This could lead to a variety of malicious outcomes, such as bypassing...
Cloudinary Node SDK 安全漏洞
Cloudinary Node SDK is a Cloudinary open source development toolkit for Cloudinary NPM. A security vulnerability exists in Cloudinary Node SDK versions prior to 2.7.0, which stems from improper parsing of parameter values containing with symbols, which could lead to an arbitrary parameter injecti...