search

mde / ejs

Embedded JavaScript templates -- http://ejs.co
Apache License 2.0
7.66k stars 834 forks source link

CVE-2023-29827 - ejs v3.1.9 is vulnerable to server-side template injection #732

Closed WilliamRADFunk closed 1 year ago

WilliamRADFunk commented 1 year ago

Advisory notice: https://github.com/advisories/GHSA-j5pp-6f4w-r5r6

Is this something being worked on right now?

WilliamRADFunk commented 1 year ago

Duplicate: https://github.com/mde/ejs/issues/720