tsunez
commented
3 years ago Issue still exists.
SUMMARY
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Open tsunez opened 3 years ago
tsunez
commented
3 years ago Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
tsunez
commented
3 years ago Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
tsunez
commented
3 years ago Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
tsunez
commented
3 years ago Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Code_Injection issue exists @ core/apphandler.js in branch master
The application's function method receives and dynamically executes user-controlled code using eqn, at line 194 of core\apphandler.js. This could enable an attacker to inject and run arbitrary code. The attacker can inject the executed code via user input, eqn, which is retrieved by the application in the function method, at line 194 of core\apphandler.js.
Severity: High
CWE:94
Vulnerability details and guidance
Checkmarx
Recommended Fix
Lines: 197 39
Code (Line #197):
Code (Line #39):