CVE-2020-6948
A remote code execution issue was discovered in HashBrown CMS through 1.3.3. Server/Entity/Deployer/GitDeployer.js has a Service.AppService.exec call that mishandles the URL, repository, username, and password.
OS Command Injection
Vendor | Product | Version |
---|---|---|
hashbrowncms | hashbrown_cms | 𝑥 ≤ 1.3.3 |
Common Weakness Enumeration