Fix English
parent
ff610dc752
commit
b618c40ceb
|
@ -17,7 +17,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'Name' => 'Nodejs js-yaml load() Code Execution',
|
||||
'Description' => %q{
|
||||
This module can be used to abuse node.js applications that parse user-supplied YAML input
|
||||
using the load() function from the 'js-yaml' package < 2.0.5, who doesn't handle properly
|
||||
using the load() function from the 'js-yaml' package < 2.0.5, which doesn't properly handle
|
||||
the unsafe !!js/function tag, allowing to specify a self-executing function which results
|
||||
on execution of arbitrary javascript code.
|
||||
},
|
||||
|
|
Loading…
Reference in New Issue