Skip to content

Path Traversal in @finastra/ssr-pages

Moderate
bcldvd published GHSA-w6cx-qg2q-rvq8 Mar 1, 2022

Package

npm @finastra/ssr-pages (npm)

Affected versions

< 0.1.4

Patched versions

0.1.4

Description

A path traversal issue can occur when providing untrusted input to the svg property as an argument to the build(MessagePageOptions) function.

References

Severity

Moderate

CVE ID

CVE-2022-24718

Weaknesses

Credits