CVE-2020-28425
Curljs is affected by a Command Injection vulnerability that affects all versions. The root cause is lack of input sanitization, allowing an attacker-supplied argument to inject OS commands. Reported exploit evidence includes a PoC showing arbitrary command execution, and multiple sources confirm...