5 matches found
OS Command Injection
tts-api is vulnerable to OS Command Injection. The vulnerability is due to a lack of validation in the onSpeechDone function within app.js. This could allow an attacker to gain unauthorized access by executing unauthorized commands...
Pedroetb TTS-API OS Command Injection
A vulnerability has been found in pedroetb tts-api up to 2.1.4 and classified as critical. This vulnerability affects the function onSpeechDone of the file app.js. The manipulation leads to os command injection. Upgrading to version 2.2.0 is able to address this issue. The patch is identified as...
GHSA-JX6Q-FQ9H-6G7Q Pedroetb TTS-API OS Command Injection
A vulnerability has been found in pedroetb tts-api up to 2.1.4 and classified as critical. This vulnerability affects the function onSpeechDone of the file app.js. The manipulation leads to os command injection. Upgrading to version 2.2.0 is able to address this issue. The patch is identified as...
CVE-2019-25158
A vulnerability has been found in pedroetb tts-api up to 2.1.4 and classified as critical. This vulnerability affects the function onSpeechDone of the file app.js. The manipulation leads to os command injection. Upgrading to version 2.2.0 is able to address this issue. The patch is identified as...
TTS API OS Command Injection Vulnerability
The TTS API is a text-to-speech REST API for multiple TTS engines from the individual developer Pedro Trujillo. An operating system command injection vulnerability exists in TTS API version 2.1.4 and earlier, which stems from the onSpeechDone function of a file that can lead to operating system...