In Nick Chan Bot before version 1.0.0-beta there is a vulnerability in the `npm` command which is part of this software package. This allows arbitrary shell execution,which can compromise the bot This is patched in version 1.0.0-beta
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nick chan bot project nick chan bot 1.0.0 |