0.011 Low
EPSS
Percentile
84.5%
google-it is vulnerable to command injection. The vulnerability exists in the openInBrowser function in googleIt.js due to a lack of input sanitization which allows an attacker to inject and execute arbitrary codes.
openInBrowser
googleIt.js
advisory.checkmarx.net/advisory/CX-2021-4777
github.com/advisories/GHSA-7xhv-mpjw-422f
github.com/PatNeedham/google-it/blob/v1.6.2/lib/googleIt.js#L59
github.com/PatNeedham/google-it/blob/v1.6.2/src/googleIt.js#L34