CVE-2021-23389
Code Injection in npm/total.js
Identifiers
CVE-2021-23389
Package Slug
npm/total.js
Vulnerability
Code Injection
Description
The package total.js are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions.
Affected Versions
All versions before 3.4.9
Solution
Upgrade to version 3.4.9 or above.
Last Modified
2021-07-15
| source |