2 matches found
Cross-Site Scripting (XSS)
ejs is vulnerable to cross-site scripting XSS attacks. A malicious user can edit the localNames variable in the OPTS array which renders any arbitrary javascript in that variable...
Denial Of Service (DoS)
ejs is vulnerable to denial of service DoS attacks. A malicious user can cause the system to crash by controlling and modifying values in the OPTS array...