EPSS
Percentile
71.0%
egg-scripts is vulnerable to shell command injection attacks. The attack exists because the library uses the execFile function which is not properly sanitized, allowing the attacker to inject malicious shell commands through command line argument.
execFile
github.com/eggjs/egg-scripts/blob/2.8.1/History.md
github.com/eggjs/egg-scripts/pull/26
hackerone.com/reports/388936