CVE-2024-39173

calculator-boilerplate v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the eval function at /routes/calculator.js. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected into the input field. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt