The static-eval module is intended to evaluate statically-analyzable expressions. In affected versions, untrusted user input is able to access the global function constructor, effectively allowing arbitrary code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
static-eval project static-eval |