Npm/Stimulsoft-Dashboards-Js | GitLab Advisory Database

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function.

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field.

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component.

Advisories for Npm/Stimulsoft-Dashboards-Js package