2020-04-02 21:28:11
snyk
PUBLISHED
node-key-sender through 1.0.11 is vulnerable to Command Injection. It allows execution of arbitrary commands via the arrParams argument in the execute() function.