GHSA-WXW2-RWMH-VR8F electerm: electerm_install_script_CommandInjection Vulnerability Report
Impact What kind of vulnerability is it? Who is impacted? Command Injection vulnerabilities in electerm: A command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac function appends attacker-controlled remote releaseInfo.name directly into an exec"open...