calculator-boilerplate v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the eval function at /routes/calculator.js. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected into the input field.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://kropov.com/calculator-boilerplate-cve.txt |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-07-18T00:00:00
Updated: 2024-08-02T04:19:20.583Z
Reserved: 2024-06-21T00:00:00
Link: CVE-2024-39173
Vulnrichment
Updated: 2024-07-19T12:50:35.790Z
NVD
Status : Awaiting Analysis
Published: 2024-07-18T20:15:04.227
Modified: 2024-11-21T09:27:16.597
Link: CVE-2024-39173
Redhat
No data.