Conventional Changelog 参数注入漏洞
Conventional Changelog is an open source update log generation tool from Conventional Changelog. A parameter injection vulnerability exists in Conventional Changelog versions prior to 2.0.0 that stems from not cleaning or validating user input in the getTags API, which could lead to a parameter...