CVE-2021-23390
Code Injection in npm/total4
Identifiers
CVE-2021-23390
Package Slug
npm/total4
Vulnerability
Code Injection
Description
The package total4 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions.
Affected Versions
All versions before 0.0.43
Solution
Upgrade to version 0.0.43 or above.
Last Modified
2021-07-15
| source |