Security Advisory

CVE-2021-32831

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-30 20:40:21

Last updated 2024-08-03 23:33:56

Assigner GitHub_M

State PUBLISHED

Description

Total.js framework (npm package total.js) is a framework for Node.js platfrom written in pure JavaScript similar to PHPs Laravel or Pythons Django or ASP.NET MVC. In total.js framework before version 3.4.9, calling the utils.set function with user-controlled values leads to code-injection. This can cause a variety of impacts that include arbitrary code execution. This is fixed in version 3.4.9.

← Browse all CVEs View on cve.org ↗