Security Advisory

CVE-2020-7740

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-10-06 16:40:13

Last updated 2024-09-17 03:52:44

Assigner snyk

State PUBLISHED

Description

This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack.

← Browse all CVEs View on cve.org ↗