clns/node-commit-msg

Security Notice & Bug Bounty - Remote Code Execution - huntr.dev

huntr-helper opened this issue · 0 comments

This issue has been generated on behalf of Mik317 (https://huntr.dev/app/users/Mik317)

Overview

commit-msg is a customizable git commit message parser and validator written in Node.js. It validates a given string based on best practices and can be used as a git hook, command line tool and/or directly through the API.

The issue occurs because user input is formatted inside a command that will be executed without any check.

Bug Bounty

We have opened up a bounty for this issue on our bug bounty platform. Want to solve this vulnerability and get rewarded 💰? Go to https://huntr.dev/

We will submit a pull request directly to your repository with the fix as soon as possible. Want to learn more? Go to https://github.com/418sec/huntr 📚

Automatically generated by @huntr-helper...