5 matches found
GHSA-M2FC-9H5M-29CM @acrontum/filesystem-template vulnerable to Command Injection due to fetchRepo API missing sanitization
The package @acrontum/filesystem-template before 0.0.2 is vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input...
@acrontum/filesystem-template vulnerable to Command Injection due to fetchRepo API missing sanitization
The package @acrontum/filesystem-template before 0.0.2 is vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input...
Remote Code Execution (RCE)
filesystem-template is vulnerable to remote code execution. The vulnerability exists because the fetchRepo API does not escape incoming URL parameters, allowing an attacker to pass and execute malicious code via it...
Command injection
The package @acrontum/filesystem-template before 0.0.2 is vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input...
Improper Neutralization of Special Elements used in a Command ('Command Injection')
The package @acrontum/filesystem-template before 0.0.2 is vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input...