Vulnerability Details CVE-2019-12966
FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {"a":(function(){confirm(1)})()} input.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2019-12966
-
cpe:2.3:a:fehelper_project:fehelper:-
-
cpe:2.3:a:fehelper_project:fehelper:2019-06-19