nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the ejs.renderFile() resulting in code injection
CVSS Score
6.1
EPSS Score
0.002
Published
2017-11-17
nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in the ejs.renderFile()
CVSS Score
7.5
EPSS Score
0.009
Published
2017-11-17
nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function
CVSS Score
9.8
EPSS Score
0.072
Published
2017-11-17