0.001 Low
EPSS
Percentile
26.1%
jsreport-chrome-pdf is vulnerable to arbitrary file read. An attacker can send malicious requests via lib/conversion.js to read arbitrary local files.
lib/conversion.js
github.com/jsreport/jsreport-chrome-pdf/commit/6750b2f77d05cb843aefc1c4a98097a3bd33a6a2