Vulnerabilities > Ebay

DATE CVE VULNERABILITY TITLE RISK
2023-03-06 CVE-2023-26107 Code Injection vulnerability in Ebay Sketchsvg
All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string.
local
low complexity
ebay CWE-94
7.8