EPSS
Percentile
65.2%
xopen is vulnerable to command injection. The vulnerability exists in xopen(filepath) function in index.js because the command execution implementation is not properly handled which allows an attacker to inject and execute malicious commands.
xopen(filepath)
index.js
github.com/advisories/GHSA-74wf-cwjg-9cf2
github.com/andrewimm/xopen/blob/master/index.js#L11
www.cybersecurity-help.cz/vulnerabilities/50160/