Description
Valine v1.4.18 was discovered to contain a remote code execution (RCE) vulnerability which allows attackers to execute arbitrary code via a crafted POST request.
Remediation
References
https://github.com/xCss/Valine/issues/400
Related Vulnerabilities
CVE-2020-26299 Vulnerability in npm package ftp-srv
CVE-2023-38889 Vulnerability in maven package org.alluxio:alluxio-core
CVE-2021-40822 Vulnerability in maven package org.geoserver:gs-main
CVE-2022-4350 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2023-30529 Vulnerability in maven package org.jenkins-ci.plugins:lucene-search