search

mde / ejs

Embedded JavaScript templates -- http://ejs.co
Apache License 2.0
7.74k stars 843 forks source link

ejs v3.1.9 is vulnerable to server-side template injection #731

Closed elya158 closed 1 year ago

elya158 commented 1 year ago

Version 3.1.9 has the following vulnerability: CVE-2023-29827. Can it be fixed?

mde commented 1 year ago

Duplicate of https://github.com/mde/ejs/issues/720