Karma Mojo
1 CVEs
product
Monthly
karma-mojo through 1.0.1 is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Command Injection
Karma Mojo
NVD
GitHub
CVSS 3.1
9.8
EPSS
4.2%
CVE-2020-7626
npm
EPSS 4%
CVSS 9.8
CRITICAL
POC
Act Now
karma-mojo through 1.0.1 is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Command Injection
Karma Mojo
NVD
GitHub