BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler Nov 30 2016 11:44AM
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Less.js: Compilation of Untrusted LESS Files May Lead to Code
Execution through the JavaScript Less Compiler

RedTeam Pentesting discovered behaviour in the Less.js compiler,
which allows execution of arbitrary code if an untrusted LESS file is
compiled.

Details
=======

Produc...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus