Node-Rules Project: >> Node-Rules >> 4.0.2 Security Vulnerabilities
node-rules including 3.0.0 and prior to 5.0.0 allows injection of arbitrary commands. The argument rules of function "fromJSON()" can be controlled by users without any sanitization.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-04-27