Unknown · Ironman Powershell Universal · CVE-2023-49213
**Name of the Vulnerable Software and Affected Versions**
Ironman PowerShell Universal versions 3.0.0 through 4.2.0
**Description**
The issue allows remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. This is related to API endpoints.
**Recommendations**
For versions 3.0.0 through 3.10.1, update to version 3.10.2.
For versions 4.1.0 through 4.1.9, update to version 4.1.10.
For versions 4.2.0, update to version 4.2.1.