From ec12cbe5bbe2abf3645d9aef93538998fd9199c1 Mon Sep 17 00:00:00 2001
From: Divya <007divyachawla@users.noreply.github.com>
Date: Wed, 28 Apr 2021 18:19:01 +0530
Subject: [PATCH] Fix RCE

---
 src/views.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/views.js b/src/views.js
index 60a754c6..8dee1f0a 100644
--- a/src/views.js
+++ b/src/views.js
@@ -16,7 +16,7 @@ module.exports = app => {
     */
     let result = '';
     try {
-      result = require('util').inspect(eval(req.query.userInput));
+      result = require('util').inspect(req.query.userInput);
     } catch (ex) {
       console.error(ex);
     }