CVE-2020-28439
11.12.2020, 17:15
This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC:
| Vendor | Product | Version |
|---|---|---|
| corenlp-js-prefab_project | corenlp-js-prefab | * |
𝑥
= Vulnerable software versions