MidnightBSD

Advisories for fehelper_project

CVE-2019-12966 HIGH

FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {"a":(function(){confirm(1)})()} input.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-74,

Products Affected

Vendor Product Version
fehelper_project fehelper *