2 matches found
CVE-2025-26240
In JazzCore python-pdfkit 1.0.0, the fromstring method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files...
CVE-2025-26240
The CVE-2025-26240 entry affects JazzCoreās python-pdfkit 1.0.0, where the from_string method allows JavaScript to execute within the server context and enables exfiltration of local files. This indicates a server-side execution vector with high impact on confidentiality, integrity, and availabil...