The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2021-07-12T15:15:18.459332Z
Updated: 2024-09-16T18:33:56.688Z
Reserved: 2021-01-08T00:00:00
Link: CVE-2021-23389
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-07-12T16:15:08.953
Modified: 2021-07-14T17:37:10.223
Link: CVE-2021-23389
Redhat
No data.