Filtered by vendor Node-pdf-generator Project
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-7740 | 1 Node-pdf-generator Project | 1 Node-pdf-generator | 2024-02-04 | 6.4 MEDIUM | 8.2 HIGH |
This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack. |