Remote Code Execution (RCE)

post-loader is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization in an unsecure parser which allows an attacker to execute maliciously crafted script in the system...

PT-2022-13408 · Unknown · Post-Loader

Name of the Vulnerable Software and Affected Versions: post-loader versions 0.0.0 and later Description: The issue concerns the post-loader package, which is a webpack loader for blog posts written in Markdown. It is vulnerable to Arbitrary Code Execution due to the use of a markdown parser in an...