An issue was discovered in NPM's package @evershop/evershop before version 1.0.0-rc.8. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.
Authentication Bypass
Node.js
Evershop
NVD
CVSS 3.1
9.1
EPSS
0.1%