CVE-2020-28447
The CVE-2020-28447 entry corresponds to a command-injection vulnerability in the xopen npm package. Affected software: all versions of xopen. Root cause: in xopen(filepath) located in index.js, the code executes OS commands without proper sanitization (injection point at line 14). Impact: enables...