hbkhan

1 exploit Active since Jul 2020
CVE-2020-7688 WRITEUP HIGH WRITEUP
mversion < 2.0.1 - OS Command Injection via TagName Parameter
The issue occurs because tagName user input is formatted inside the exec function is executed without any checks.
CVSS 8.4