2018-06-04 19:00:00
hackerone
PUBLISHED
Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.