GHSA-x73w-g8hx-v7rp, CVE-2020-23256
npm/electerm
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
An issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary code via unverified request to electerms service.
All versions up to 1.3.22
Unfortunately, there is no solution available yet.
2023-01-30
source |