The vulnerability of the child_process.spawn() and child_process.spawnSync() functions in the Node.js software platform for Windows operating systems allows a hacker to bypass security restrictions and execute arbitrary commands.
The vulnerability of the childprocess.spawn and childprocess.spawnSync functions in the Node.js software platform for Windows operating systems is related to the improper handling of the shell parameter in .bat and .cmd files. Exploiting this vulnerability allows a remote attacker to bypass...