Description
mosc through 1.0.0 is vulnerable to Arbitrary Code Execution. User input provided to `properties` argument is executed by the `eval` function, resulting in code execution.
Remediation
References
https://snyk.io/vuln/SNYK-JS-MOSC-571492
Related Vulnerabilities
CVE-2022-23496 Vulnerability in maven package nl.basjes.parse.useragent:yauaa-drill
CVE-2016-10707 Vulnerability in npm package jquery
CVE-2022-36313 Vulnerability in npm package file-type
CVE-2023-36478 Vulnerability in maven package org.eclipse.jetty.http2:http2-hpack
CVE-2022-37724 Vulnerability in maven package wonder.utilities:utilities