Hashnode

A remote code execution vulnerability has been discovered in the blogging platform Hashnode.

The vulnerability if exploited could allow attackers to fetch internal server files and execute code on the server.

It was immediately reported to Hashcode and was fixed.

Source: https://portswigger.net/daily-swig/remote-code-execution-vulnerability-uncovered-in-hashnode-blogging-platform

TPRM report: https://scoringcyber.rankiteo.com/company/hashnode

"id": "has23362322",
"linkid": "hashnode",
"type": "Vulnerability",
"date": "03/2022",
"severity": "70",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': 'Technology',
                        'name': 'Hashnode',
                        'type': 'Blogging Platform'}],
 'attack_vector': 'Exploitation of Vulnerability',
 'description': 'A remote code execution vulnerability has been discovered in '
                'the blogging platform Hashnode. The vulnerability if '
                'exploited could allow attackers to fetch internal server '
                'files and execute code on the server.',
 'impact': {'systems_affected': 'Internal Server Files'},
 'response': {'remediation_measures': 'Vulnerability was fixed'},
 'title': 'Remote Code Execution Vulnerability in Hashnode',
 'type': 'Remote Code Execution',
 'vulnerability_exploited': 'Remote Code Execution Vulnerability'}