CVE-2022-25926

Severity CVSS v4.0:
Pending analysis
Type:
CWE-78 OS Command Injections
Publication date:
04/01/2023
Last modified:
10/04/2025

Description

Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization.<br /> <br />

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:window-control_project:window-control:*:*:*:*:*:node.js:*:* 1.4.5 (excluding)