Djv Project: Security Vulnerabilities
This affects the package djv before 2.1.4. By controlling the schema file, an attacker can run arbitrary JavaScript code on the victim machine.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-01-04