CVE-2020-28447
Improper Neutralization of Special Elements used in a Command ('Command Injection') in npm/xopen
Identifiers
GHSA-74wf-cwjg-9cf2, CVE-2020-28447
Package Slug
npm/xopen
Vulnerability
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Description
This affects all versions of package xopen. The injection point is located in line 14 in index.js in the exported function xopen(filepath)
Affected Versions
All versions up to 1.0.0
Solution
Unfortunately, there is no solution available yet.
Last Modified
2022-08-09
| source |