Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID npm:hubot-scripts:20130515
- published 15 May 2013
- disclosed 15 May 2013
- credit Neal Poole
How to fix?
hubot-scripts to version 2.4.4 or higher.
hubot-scripts is a collection of community scripts for hubot, a chat bot.
Affected versions of this package are vulnerable to Arbitrary Command Injection. Untrusted input was passed into the email command, allowinf an attacker to input malicious commands.