EPSS
Percentile
87.0%
mosc is vulnerable to arbitrary code execution. Untrusted user input to the properties argument is passed to the eval function without validation, allowing an attacker to execute arbitrary code.
properties
eval
github.com/4y0/mosc/blob/v0.0.1/mosc.js#L50
github.com/advisories/GHSA-j665-rvj7-2jv9