AI Score
Confidence
High
EPSS
Percentile
78.8%
The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions.
github.com/totaljs/framework/blob/master/utils.js%23L6606-L6631
github.com/totaljs/framework/commit/887b0fa9e162ef7a2dd9cec20a5ca122726373b3
snyk.io/vuln/SNYK-JS-TOTALJS-1088607