2017-11-17 03:00:00
mitre
PUBLISHED
nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the ejs.renderFile() resulting in code injection