Identifier

CVE-2020-7674

Package Slug

npm/access-policy

Vulnerability

Improper Input Validation

Description

access-policy is vulnerable to Arbitrary Code Execution. User input provided to the template function is executed by the eval function resulting in code execution.

Affected Versions

All versions up to 3.1.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2020-06-17

source