Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for the hapi server…
mitre·CWE-94·Published 2014-10-08
Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for the hapi server framework for Node.js allows remote attackers to execute arbitrary Javascript code via unspecified vectors.
Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for the hapi server framework for Node.js allows remote attackers to execute arbitrary Javascript code via unspecified vectors.
A vulnerability exists in bassmaster <= 1.5.1 that allows for an attacker to provide arbitrary JavaScript that is then executed server side via eval. ## Recommendation Update to bassmaster version 1.5.2 or greater.
A vulnerability exists in bassmaster <= 1.5.1 that allows for an attacker to provide arbitrary JavaScript that is then executed server side via eval. ## Recommendation Update to bassmaster version 1.5.2 or greater.
Vulnerabilidad de inyección Eval en la función internals.batch en lib/batch.js en el plugin bassmaster anterior a 1.5.2 para el Framework del servidor hapi para Node.js permite a atacantes remotos ejecutar código Javascript arbitrario a través de vectores no especificados.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 10.0 | 10.0 | 10.0 | AV:N/AC:L/Au:N/C:C/I:C/A:C |