react-dev-utils is vulnerable to cross-site request forgery. Local unauthenticated attackers could exploit the flawed Webserver
component to execute arbitrary commands on the targeted system via the unsanitized input command to launch an editor.
CPE | Name | Operator | Version |
---|---|---|---|
react-dev-utils | le | 4.2.1 | |
react-dev-utils | le | 5.0.1 | |
react-dev-utils | le | 3.1.1 | |
react-dev-utils | le | 1.0.3 | |
react-dev-utils | le | 2.0.1 |