CVE-2019-10788

Published: 2020-02-04T21:15Z

Last Modified: 2024-11-21T04:19Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. It is possible to inject arbitrary commands as part of the metadata options which is given to the "exec" function. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt