Severity: critical

    Arbitrary File Read

    html-pdf

    Overview

    html-pdf before version 3.0.1 is vulnerable to Arbitrary File Read. The package fails to sanitize the HTML input, allowing attackers to exfiltrate server files by supplying malicious HTML code. XHR requests in the HTML code are executed by the server. Input with an XHR request such as request.open("GET","file:///etc/passwd") will result in a PDF document with the contents of /etc/passwd.

    Remediation

    Upgrade to version 3.0.1 or later

    Have content suggestions? Visit npmjs.com/support.

    Advisory timeline

    1. published

      Advisory Published
      Sep 18th, 2019