3 matches found
repo-to-pdf (=0.1.6) potentially affected by CVE-2024-9283 via relaxedjs (=0.2.4)
relaxedjs NPM version =0.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on relaxedjs and may be impacted: - repo-to-pdf =0.1.6 Source cves: CVE-2024-9283 Source advisory: OSV:GHSA-GJ3P-J74V-3X57...
CVE-2024-9283
CVE-2024-9283 affects RelaxedJS ReLaXed up to 0.2.2, with a vulnerability in the Pug to PDF Converter component that enables cross-site scripting. The issue is local in nature; exploitation requires local access, and the exploit has been disclosed publicly and may be used. Several connected sourc...
CVE-2024-9283 RelaxedJS ReLaXed Pug to PDF Converter cross site scripting
A vulnerability classified as problematic has been found in RelaxedJS ReLaXed up to 0.2.2. Affected is an unknown function of the component Pug to PDF Converter. The manipulation leads to cross site scripting. An attack has to be approached locally. The exploit has been disclosed to the public an...