2019-12-18 20:58:51
hackerone
PUBLISHED
A code injection exists in node-df v0.1.4 that can allow an attacker to remote code execution by unsanitized input.