CVE-2019-0542 – xterm.js: Mishandling of special characters allows for remote code execution

https://notcve.org/view.php?id=CVE-2019-0542

09 Jan 2019 — A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka "Xterm Remote Code Execution Vulnerability." This affects xterm.js. Existe una vulnerabilidad de ejecución remota de código en Xterm.js cuando el componente maneja mal los caracteres especiales, también conocida como "Xterm Remote Code Execution Vulnerability". Esto afecta a xterm.js It was found that xterm.js does not sanitize terminal escape sequences in browser terminals allowing for execution o... • http://www.securityfocus.com/bid/106434 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •