CVE-2020-7740

This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:node-pdf-generator_project:node-pdf-generator:*:*:*:*:*:*:*:*

Information

Published : 2020-10-06 11:15

Updated : 2020-10-19 12:06


NVD link : CVE-2020-7740

Mitre link : CVE-2020-7740


JSON object : View

CWE
CWE-20

Improper Input Validation

CWE-918

Server-Side Request Forgery (SSRF)

Advertisement

dedicated server usa

Products Affected

node-pdf-generator_project

  • node-pdf-generator