FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {“a”:(function(){confirm(1)})()} input.
Source: NIST
CVE-2019-12966
Security in mind
FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {“a”:(function(){confirm(1)})()} input.
Source: NIST
CVE-2019-12966