Command Injection
Overview fsa is a File system auditor. Affected versions of this package are vulnerable to Command Injection. The first argument of execGitCommand, located within lib/rep.js63 can be controlled by users without any sanitization to inject arbitrary commands. PoC var root = require"fsa"; var...