0.012 Low
EPSS
Percentile
85.1%
total.js is vulnerable to remote code execution. The vulnerability exists in set of utils.js where it does not validate malicious parameter being injected and executed by a malicious user.
set
utils.js
github.com/totaljs/framework/commit/c812bbcab8981797d3a1b9993fc42dad3d246f04