window-control vulnerable to Command Injection due to improper input sanitization
Versions of the package window-control before 1.4.5 is vulnerable to Command Injection via the sendKeys function, due to improper input sanitization.
Advisories for Npm/Window-Control package
2023