Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in node-rules.
Advisories for Npm/Node-Rules package
2020
Injection Vulnerability
node-rules including allows injection of arbitrary commands. The argument rules of function fromJSON() can be controlled by users without any sanitization.