Node.js third-party modules: [jsreport] Remote Code Execution

I would like to report Remote Code Execution in jsreport It allows running js files remotely on a vulnerable server. Module module name: jsreport version: 2.5.0 npm page: https://www.npmjs.com/package/jsreport Module Description jsreport is a reporting server which lets developers define reports...

Node.js third-party modules: [script-manager] Unintended require

I would like to report Unintended Require in script-manager. It allows loading arbitary non-production code js files. Module module name: script-manager version: 0.8.6 npm page: https://www.npmjs.com/package/script-manager Module Description node.js manager for running foreign and potentially...