TTS API OS Command Injection Vulnerability
The TTS API is a text-to-speech REST API for multiple TTS engines from the individual developer Pedro Trujillo. An operating system command injection vulnerability exists in TTS API version 2.1.4 and earlier, which stems from the onSpeechDone function of a file that can lead to operating system...