install-nw code execution vulnerability (CNVD-2018-10902)
install-nw is a tool for installing and caching NW.j modules. A security vulnerability exists in versions prior to install-nw 1.1.5, which originates when a program downloads JavaScript resources over the HTTP protocol. A remote attacker can exploit the vulnerability by replacing the requested...