Description
A code injection vulnerability exists in treekill on Windows that allows remote code execution when an attacker is able to control the input into the command.
Remediation
References
https://hackerone.com/reports/703415