CVE-2019-15138
CVE-2019-15138 affects the Node.js module html-pdf (v2.2.0). The vulnerability allows an arbitrary file read by processing an HTML file that uses an XMLHttpRequest to access a file:/// URL, enabling the server to exfiltrate local files (e.g., /etc/passwd). Public references in the Connected docum...