CVE-2023-29827

CVSS V2 None CVSS V3 None
Description
ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter.
Overview
  • CVE ID
  • CVE-2023-29827
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Received
  • Published Version
  • 2023-05-04T14:15:11
  • Last Modified Date
  • 2023-05-04T14:15:11
References
Reference URL Reference Tags
https://github.com/mde/ejs/issues/720
History
Created Old Value New Value Data Type Notes
2023-05-04 15:00:31 Added to TrackCVE