VYPR

npm package

thinkjs

pkg:npm/thinkjs

Vulnerabilities (1)

  • CVE-2020-21176CriFeb 1, 2021
    affected <= 3.2.14

    SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter.