Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerabilities in an interactive lesson.
Start learningThere is no fixed version for composio-core
.
composio-core is a Core package to act as a bridge between composio platform and other services.
Affected versions of this package are vulnerable to Improper Neutralization of Data within XPath Expressions ('XPath Injection') via the BROWSERTOOL_GOTO_PAGE
and BROWSERTOOL_GET_PAGE_DETAILS
actions. An attacker can read the contents of any file on the system by sending crafted requests.