Erin 💽 on Nostr: "Sharkey: Remote code execution in Tweet import" Wait what?! How'd that happen. How'd ...
"Sharkey: Remote code execution in Tweet import"
Wait what?! How'd that happen. How'd you have an RCE vuln in a JavaScript project?!
const script = new vm.Script(fs.readFileSync(outputPath + '/data/tweets.js', 'utf-8'));
Oh. Exasperated sigh
Published at
2024-02-01 15:50:33Event JSON
{
"id": "6b9afb3f9126b3364fe224809dfad657383fe6c782404c201d354ed6829abcac",
"pubkey": "cadc0ca06b5fbbd3b118d99c709418e914dfc5fdc320860ea817fca701ceacd8",
"created_at": 1706802633,
"kind": 1,
"tags": [
[
"proxy",
"https://queer.af/users/erincandescent/statuses/111857017408399723",
"activitypub"
]
],
"content": "\"Sharkey: Remote code execution in Tweet import\"\n\nWait what?! How'd that happen. How'd you have an RCE vuln in a JavaScript project?!\n\nconst script = new vm.Script(fs.readFileSync(outputPath + '/data/tweets.js', 'utf-8'));\n\nOh. Exasperated sigh",
"sig": "739c7f5606b2218b8c03f336e164b04b2c5da18451d8db24f8e1724f0c03d5571400db2beac2b183ea94e369007823ebf61347f8cdbafc36428afd466498017e"
}
