Node.js Embedded JavaScript 漏洞列表

共找到 1 个与 Node.js Embedded JavaScript 相关的漏洞

📅 加载漏洞趋势中...

CVE-2022-29078: Node.js Embedded JavaScript 3.1.6 - Template Injection POC

日期: 2025-08-01 | 影响软件: Node.js Embedded JavaScript

Node.js Embedded JavaScript 3.1.6 is susceptible to server-side template injection via settings[view options][outputFunctionName], which is parsed as an internal option and overwrites the outputFunctionName option with an arbitrary OS command, which is then executed upon template compilation.