CVE-2023-31874 Information

Description

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened e.g. via nodeRequire(‘child_process’).

Reference

http://packetstormsecurity.com/files/172535/Yank-Note-3.52.1-Arbitrary-Code-Execution.html