Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the getdiagnostics process. An attacker can execute arbitrary code with the server's operating system privileges by placing a malicious .csproj file that references an attacker-controlled DLL in a location...