2 matches found
GHSA-4C3C-R6P8-C863 Flawfinder output manipulation via untrusted filenames and source text
Impact This vulnerability is an improper input neutralization issue leading to output manipulation, specifically, Terminal/ANSI Escape Sequence Injection and XML Injection: Terminal Output Spoofing: A malicious file whose name contains ANSI escape sequences can end up being included in flawfinder...
XML Injection
Overview magento/project-community-edition is an eCommerce Platform for Growth Community Edition Affected versions of this package are vulnerable to XML Injection through the XML processing mechanism. An attacker can bypass security features by sending a specially crafted XML script. Remediation...