Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path Traversal in ssr-pages
Vulnerability Description
ssr-pages is an HTML page builder for the purpose of server-side rendering (SSR). In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the `svg` property as an argument to the `build(MessagePageOptions)` function. While there is no known workaround at this time, there is a patch in version 0.1.4.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Ssr Pages Builder 路径遍历漏洞
Vulnerability Description
Ssr Pages Builder是一个用于 Ssr(服务器端渲染)的 Html 页面构建器。 SSR -pages存在路径遍历漏洞,该漏洞源于当向 svg 属性提供不可信的输入作为 build(MessagePageOptions)函数的参数时,可能会出现路径遍历问题。虽然目前还没有已知的解决方案,但在0.1.4版本中有一个补丁。
CVSS Information
N/A
Vulnerability Type
N/A